EUVD-2021-1139

Malware in sbrugna...

Command Injection in psnode

This affects all current versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

GHSA-M8FM-MV5W-33PV Command Injection in psnode

This affects all current versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

Arbitrary Code Execution

psnode is vulnerable to arbitrary code execution. The vulnerability exists due to the lack of sanitization, of pid in module.exports.kill, which is directly used in the childprocess.exec function...

CVE-2021-23375

This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

CVE-2021-23375

This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

Input validation

This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

CVE-2021-23375 Arbitrary Command Injection

This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

CVE-2021-23375

CVE-2021-23375 affects all versions of the npm package psnode. The vulnerability is a command injection in the kill function: attacker-controlled input passed to child_process.exec without input sanitization, enabling arbitrary commands. Multiple sources (NVD, GHSA, OSV, Veracode, CVE listings) c...

CVE-2021-23375

This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

Arbitrary Command Injection

Overview psnode is an A Node.js KISS module to list and kill process on OSX and Windows. Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands...

npm psnode 命令注入漏洞

npm psnode is an application from the American company npm. A Node.js KISS module for listing and terminating processes on OSX and Windows. A security vulnerability exists in psnode, which can be exploited by an attacker to potentially execute arbitrary commands...