12 matches found
EUVD-2021-0846
Malware in sbrugna...
GHSA-MM4F-47CH-F7HX Arbitrary code execution in kill-by-port
This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...
Arbitrary code execution in kill-by-port
This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...
OS Command Injection
kill-by-port is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary OS commands due to the passing of untrusted user input to the childprocess.exec function...
CVE-2021-23363
This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...
CVE-2021-23363
This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...
Design/Logic Flaw
This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...
CVE-2021-23363 Arbitrary Command Injection
This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...
CVE-2021-23363
The CVE affects the npm package kill-by-port (before v0.0.2). The root cause is unsanitized attacker-controlled input passed to child_process.exec, enabling Arbitrary Command Injection. Documented impact is arbitrary command execution via input to killByPort, with examples and a PoC in Snyk data ...
CVE-2021-23363
This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...
Guy Mograbi kill-by-port 命令注入漏洞
Guy Mograbi kill-by-port is a Guy Mograbi open source application. It is used to kill processes. A security vulnerability exists in kill-by-port before 0.0.2, which can be exploited by attackers to execute arbitrary commands...
Arbitrary Command Injection
Overview kill-by-port is a kills process by port Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the...