Lucene search

Kill-port Project Security Vulnerabilities

cve

CVE-2022-25973

All versions of package mc-kill-port are vulnerable to Arbitrary Command Execution via the kill function, due to missing sanitization of the port...

7.8CVSS

7.7AI Score

0.0005EPSS

2022-08-10 05:15 AM

cve

CVE-2021-23363

This affects the package kill-by-port before 0.0.2. If (attacker-controlled) user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input...

8.8CVSS

8.9AI Score

0.005EPSS

2021-03-30 03:15 PM

cve

CVE-2020-28426

All versions of package kill-process-on-port are vulnerable to Command Injection via...

7.3CVSS

7.4AI Score

0.002EPSS

2021-02-01 04:15 PM

cve

CVE-2019-15609

The kill-port-process package version < 2.2.0 is vulnerable to a Command Injection...

9.8CVSS

9.4AI Score

0.01EPSS

2020-02-28 08:15 PM

cve

CVE-2019-5414

If an attacker can control the port, which in itself is a very sensitive value, they can inject arbitrary OS commands due to the usage of the exec function in a third-party module kill-port <...

8.1CVSS

7.9AI Score

0.004EPSS

2019-03-21 04:01 PM