CVE-2021-23363

CVE-2021-23363

This affects the package kill-by-port before 0.0.2.
If (attacker-controlled) user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands.
This is due to use of the child_process exec function without input sanitization.

Source: CVE-2021-23363

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다