EUVD-2021-1192

Malware in sbrugna...

Command Injection in ps-visitor

This affects all versions up to and including version 0.0.2 of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

GHSA-V2JV-33GH-XX29 Command Injection in ps-visitor

This affects all versions up to and including version 0.0.2 of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

Remote Code Execution (RCE)

ps-visitor is vulnerable to remote code execution. The vulnerability exists due to a usage of the childprocess.exec function without input sanitization of user input...

CVE-2021-23374

This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

CVE-2021-23374

This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

Input validation

This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

CVE-2021-23374 Arbitrary Command Injection

This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

CVE-2021-23374

CVE-2021-23374 affects all versions of the Node.js package ps-visitor. The vulnerability stems from using the built-in child_process.exec in the package’s kill function without input sanitization, allowing attacker-controlled input to execute arbitrary commands. Multiple sources confirm this comm...

CVE-2021-23374

This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

Arbitrary Command Injection

Overview ps-visitor is a Node.js visit command ps aux and kill. Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the...

ps-visitor 命令注入漏洞

npm ps-visitor is an application from npm, Inc. node.js access commands ps aux and kill. ps-visitor has a security vulnerability that can be exploited by an attacker to potentially execute arbitrary commands. This is due to the use of child processes to execute functions without input validation...