Critical severity9.8NVD Advisory· Published Nov 17, 2017· Updated Jun 17, 2026
CVE-2017-1000220
CVE-2017-1000220
Description
soyuka/pidusage <=1.1.4 is vulnerable to command injection in the module resulting in arbitrary command execution
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
pidusagenpm | < 1.1.5 | 1.1.5 |
Affected products
2Patches
Vulnerability mechanics
References
5- nodesecurity.io/advisories/356nvdExploitMitigationThird Party Advisory
- github.com/advisories/GHSA-h2p3-h48h-9jj7ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-1000220ghsaADVISORY
- github.com/soyuka/pidusage/commit/b70eca15f7ca7f1b82a15f8a5d4bb48737f5a89dghsaWEB
- web.archive.org/web/20201208183910/https://www.npmjs.com/advisories/356ghsaWEB
News mentions
0No linked articles in our index yet.