Lucene search
GoogleOSV:GHSA-53XV-C2HX-5W6QHistoryJan 05, 2022 - 8:39 p.m.
Command Injection in node-windows
2022-01-0520:39:21
Google
osv.dev
15
node.js
command injection
security vulnerability
pid parameter
EPSS
0.005
Percentile
77.3%
lib/cmd.js in the node-windows package before 1.0.0-beta.6 for Node.js allows command injection via the PID parameter.
References
advisory.dw1.io/4
github.com/coreybutler/node-windows
github.com/coreybutler/node-windows/commit/a379d31366edbd7a672a981e6c09e185ab448dd3
github.com/coreybutler/node-windows/compare/1.0.0-beta.5...1.0.0-beta.6
github.com/dwisiswant0/advisory/issues/4
nvd.nist.gov/vuln/detail/CVE-2021-45459
security.netapp.com/advisory/ntap-20220107-0004
Related
cnvd
cnvd
Nodejs command injection vulnerability
2021-12-24 00:00:00
nvd
nvd
CVE-2021-45459
2021-12-22 06:15:07
cve
cve
CVE-2021-45459
2021-12-22 06:15:07
veracode
veracode
Command Injection
2021-12-23 03:33:12
prion
prion
Command injection
2021-12-22 06:15:00
github
github
Command Injection in node-windows
2022-01-05 20:39:21
cvelist
cvelist
CVE-2021-45459
2021-12-22 05:26:49