Versions of kill-port
prior to 1.3.2 are vulnerable to Command Injection. The package does not validate user input on the kill
function. This may allow attackers to run arbitrary commands in the system if user input (such as the port number) is passed directly to the function.
Upgrade to version 1.3.2 or later.