← Back

Portprocesses

portprocesses

Vendor: Portprocesses Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-23348
1Portprocesses Project
1Portprocesses
Nov 21, 2024
Mar 31, 2021
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
This affects the package portprocesses before 1.0.5. If (attacker-controlled) user input is given to the killProcess function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child...Show more
This affects the package portprocesses before 1.0.5. If (attacker-controlled) user input is given to the killProcess function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.Show less