Command Injection
Overview Affected versions of this package are vulnerable to Command Injection. The injection point is located in line 72 in lib/index.js. PoC var a =require"node-ps"; a.lookuppsargs:"& touch JHU ",function Remediation There is no fixed version for node-ps. References - NPM Package - Vulnerable...