CVE-2020-28426

All versions of package kill-process-on-port are vulnerable to Command Injection via a.getProcessPortId.