EUVD-2021-1176

Malware in sbrugna...

GHSA-R6FW-8M27-43C9 Command injection in portkiller

This affects all versions of package portkiller. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

Command injection in portkiller

This affects all versions of package portkiller. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

Remote Code Execution (RCE)

portkiller is vulnerable to remote code execution. The vulnerability exists due to the usage of the childprocess.exec function without input sanitization...

CVE-2021-23379

This affects all versions of package portkiller. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

Design/Logic Flaw

This affects all versions of package portkiller. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

CVE-2021-23379 Arbitrary Command Injection

This affects all versions of package portkiller. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

CVE-2021-23379

CVE-2021-23379 – portkiller (npm) : Portkiller is vulnerable to remote arbitrary command execution via attacker-controlled input passed to the child_process.exec function without input sanitization. Root cause: unsanitized user input in the portkiller execution path. Affected: all versions of por...

CVE-2021-23379

This affects all versions of package portkiller. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

npm portkiller 命令注入漏洞

npm Portkiller is an application from the American company npm. Provides a kill port function. Portkiller has a security vulnerability that can be exploited by an attacker to potentially execute arbitrary commands. This is due to the use of child processes to execute functions without input...

OS Command Injection

portkiller is vulnerable to OS command injection. An attacker is able to inject and execute malicious command via the use of the childprocess exec function as it does not sanitize the input...

Arbitrary Command Injection

Overview portkiller is a port killer. Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input...