OS Command Injection

proctree is vulnerable to OS command injection. The vulnerability exists in the getProcessTree function in index.js due to a lack of sanitization in shell metacharacters which allows attackers to execute arbitrary commands via the fix function...

OS Command Injection in proctree

OS Command Injection vulnerability in allenhwkim proctree through 0.1.1 and commit 0ac10ae575459457838f14e21d5996f2fa5c7593 for Node.js, allows attackers to execute arbitrary commands via the fix function...

GHSA-CV76-RV4H-4MQC OS Command Injection in proctree

OS Command Injection vulnerability in allenhwkim proctree through 0.1.1 and commit 0ac10ae575459457838f14e21d5996f2fa5c7593 for Node.js, allows attackers to execute arbitrary commands via the fix function...

CVE-2021-34082

OS Command Injection vulnerability in allenhwkim proctree through 0.1.1 and commit 0ac10ae575459457838f14e21d5996f2fa5c7593 for Node.js, allows attackers to execute arbitrary commands via the fix function...

proctree 操作系统命令注入漏洞

proctree is used to get or display the process tree. A security vulnerability exists in proctree 0.1.1 and earlier versions, which stems from the vulnerability of Node.js packages to a command injection attack that can be exploited by an attacker to remotely execute code on a machine running...

CVE-2021-34082

CVE-2021-34082 describes an OS command injection in the Node.js package proctree (versions up to 0.1.1 and the specific commit 0ac10ae575459457838f14e21d5996f2fa5c7593) where the vulnerable path is the getProcessTree/fix workflow. The root cause, per connected sources, is lack of sanitization of ...