4 matches found
CVE-2019-5414
If an attacker can control the port, which in itself is a very sensitive value, they can inject arbitrary OS commands due to the usage of the exec function in a third-party module kill-port 1.3.2...
CVE-2019-5414
If an attacker can control the port, which in itself is a very sensitive value, they can inject arbitrary OS commands due to the usage of the exec function in a third-party module kill-port 1.3.2...
CVE-2019-5414
If an attacker can control the port, which in itself is a very sensitive value, they can inject arbitrary OS commands due to the usage of the exec function in a third-party module kill-port 1.3.2...
CVE-2019-5414
CVE-2019-5414 affects the Node.js module kill-port (npm package). The root cause is the use of exec in the module, which allows command injection when an attacker can control the port value. Versions prior to 1.3.2 are vulnerable. Reported impacts include arbitrary OS command execution if user in...