VYPR

npm package

kill-by-port

pkg:npm/kill-by-port

Vulnerabilities (1)

  • CVE-2021-23363Mar 30, 2021
    affected < 0.0.2fixed 0.0.2

    This affects the package kill-by-port before 0.0.2. If (attacker-controlled) user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.