@abtnode/blocklet-services (>=1.16.6 <=1.17.12-beta-20260422-093007-b389a838), @abtnode/cli (>=1.0.0 <=1.16.34-beta-20241113-102431-65542b84) +125 more potentially affected by unknown CVE via kill-port (>=2.0.0 <=2.0.1)

kill-port NPM version =2.0.0, =1.16.6, =1.0.0, =1.16.6, =0.0.0-beta.0, =0.0.0, =2.49.0, =1.0.0, =1.2.1, =1.16.6, =1.1.3, =2.6.0, =1.0.0, =0.1.1, =0.2.8, =0.2.10 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-191116...

EUVD-2025-199220

Malicious code in kill-port npm...

Malicious code in kill-port (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da8762d3a240cbf5a33e4b613b2ea601d5515824da362b82eed4b5095baa7b8c The package kill-port was found to contain malicious code. Source: ghsa-malware 12e6ea3a28f8e792e2cac11bd7aa1651eed2f77b6468a8d9aa43567dc9e95bbd Any...

Embedded Malicious Code

Overview kill-port is a Kills the process running on given port. Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The...

@abtnode/blocklet-services (>=1.16.6 <=1.17.12-beta-20260422-093007-b389a838), @abtnode/cli (>=1.0.0 <=1.16.34-beta-20241113-102431-65542b84) +125 more potentially affected by unknown CVE via kill-port (>=2.0.0 <=2.0.1)

kill-port NPM version =2.0.0, =1.16.6, =1.0.0, =1.16.6, =0.0.0-beta.0, =0.0.0, =2.49.0, =1.0.0, =1.2.1, =1.16.6, =1.1.3, =2.6.0, =1.0.0, =0.1.1, =0.2.8, =0.2.10 and more Source cves: unknown CVE Source advisory: SNYK:JS-KILLPORT-14103850...

EUVD-2019-0389

Malware in sbrugna...

EUVD-2022-6458

Malicious code in bioql PyPI...

CVE-2019-15609

The kill-port-process package version 2.2.0 is vulnerable to a Command Injection vulnerability...

mc-kill-port vulnerable to Arbitrary Command Execution via kill function

All versions of package mc-kill-port are vulnerable to Arbitrary Command Execution via the kill function, due to missing sanitization of the port argument...

CVE-2022-25973

All versions of package mc-kill-port are vulnerable to Arbitrary Command Execution via the kill function, due to missing sanitization of the port argument...

CVE-2022-25973 Arbitrary Command Execution

All versions of package mc-kill-port are vulnerable to Arbitrary Command Execution via the kill function, due to missing sanitization of the port argument...

CVE-2022-25973

mc-kill-port is vulnerable to Arbitrary Command Execution via the kill function due to missing sanitization of the port argument. Affected versions (as described across multiple sources) expose an exploit path where an attacker can inject commands through the port parameter, enabling local comman...

CVE-2022-25973

All versions of package mc-kill-port are vulnerable to Arbitrary Command Execution via the kill function, due to missing sanitization of the port argument...

PT-2022-17621 · Unknown · Mc-Kill-Port

Name of the Vulnerable Software and Affected Versions: mc-kill-port versions all Description: The issue concerns Arbitrary Command Execution via the kill function due to missing sanitization of the port argument. This allows for potential exploitation. No information is provided about the estimat...

mc-kill-port 参数注入漏洞

npm mc-kill-port is a package from npm USA that allows termination of ports. A security vulnerability exists in mc-kill-port, which stems from a lack of parameter cleanup. An attacker can exploit this vulnerability to execute arbitrary commands...

Arbitrary Command Execution

Overview mc-kill-port is a package allowing termination of ports. Affected versions of this package are vulnerable to Arbitrary Command Execution via the kill function, due to missing sanitization of the port argument. PoC js const kill = require"mc-kill-port"; kill"abc|echo rce newFile.txt"...

OS Command Injection and Command Injection in kill-port-process

The kill-port-process package version 2.2.0 is vulnerable to a Command Injection vulnerability...

GHSA-XP4X-J9VH-C3WF OS Command Injection and Command Injection in kill-port-process

The kill-port-process package version 2.2.0 is vulnerable to a Command Injection vulnerability...

CVE-2019-15609

The kill-port-process package version 2.2.0 is vulnerable to a Command Injection vulnerability...

CVE-2019-15609

The kill-port-process package version 2.2.0 is vulnerable to a Command Injection vulnerability...