9.7 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
72.8%
pomelo-monitor through 0.3.7 is vulnerable to Command Injection.It allows injection of arbitrary commands as part of ‘pomelo-monitor’ params.
github.com/halfblood369/monitor/blob/900b5cadf59edcccac4754e5706a22719925ddb9/lib/processMonitor.js%2C
snyk.io/vuln/SNYK-JS-POMELOMONITOR-173695