All versions of package mc-kill-port are vulnerable to Arbitrary Command Execution via the kill function, due to missing sanitization of the port...
7.8CVSS
7.7AI Score
0.0005EPSS
This affects the package kill-by-port before 0.0.2. If (attacker-controlled) user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input...
8.8CVSS
8.9AI Score
0.005EPSS
All versions of package kill-process-on-port are vulnerable to Command Injection via...
7.3CVSS
7.4AI Score
0.002EPSS
The kill-port-process package version < 2.2.0 is vulnerable to a Command Injection...
9.8CVSS
9.4AI Score
0.01EPSS
If an attacker can control the port, which in itself is a very sensitive value, they can inject arbitrary OS commands due to the usage of the exec function in a third-party module kill-port <...
8.1CVSS
7.9AI Score
0.004EPSS