2 matches found
CVE-2019-10783
All versions including 0.0.4 of lsof npm module are vulnerable to Command Injection. Every exported method used by the package uses the exec function to parse user input...
@mdslab/iotronic-lightning-rod (>=2.3.1 <=2.3.6), @servicenow/cli-archetype-dev (>=17.0.2 <=24.0.1) +14 more potentially affected by CVE-2019-10783 via lsof (=0.1.0)
lsof NPM version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on lsof and may be impacted: - @mdslab/iotronic-lightning-rod =2.3.1, =17.0.2, =17.0.2, =17.0.2, =0.1.0, =0.0.2, =0.0.1, =0.2.2, =0.11.0, =0.3.5, =0.0.1, =2.0.9, =2.0.12 and more Sour...