CVE-2020-7785

Command Injection

CVSS 9.8 CRITICALEPSS 2.5%

This affects all versions of package node-ps. The injection point is located in line 72 in lib/index.js.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/fortruce/node-ps/blob/master/lib/index.js%23L72 https://snyk.io/vuln/SNYK-JS-NODEPS-1048335 https://www.npmjs.com/package/node-ps