GHSA-H2P3-H48H-9JJ7 PIDUsage Enables OS Command Injection
Overview Affected versions of pidusage pass unsanitized input to childprocess.exec, resulting in arbitrary code execution in the ps method. This package is vulnerable to this PoC on Darwin, SunOS, FreeBSD, and AIX. Windows and Linux are not vulnerable. Proof of Concept js var pid =...