3 matches found
killsome (>=0.0.3 <=0.1.3) potentially affected by CVE-2018-16460 via ps (=0.0.2)
ps NPM version =0.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on ps and may be impacted: - killsome =0.0.3, =0.1.3 Source cves: CVE-2018-16460 Source advisory: OSV:GHSA-CFHG-9X44-78H2...
CVE-2018-16460
Summary: CVE-2018-16460 describes a command injection in the Node.js ps package when using versions before 1.0.0. The vulnerability arises because an attacker can control the PID, allowing arbitrary commands to be executed on the affected system. Affected software: ps package (Node.js ecosystem),...
CVE-2018-16460
A command Injection in ps package versions 1.0.0 for Node.js allowed arbitrary commands to be executed when attacker controls the PID...