Description
A command Injection in ps package versions <1.0.0 for Node.js allowed arbitrary commands to be executed when attacker controls the PID.
Remediation
References
https://hackerone.com/reports/390848
Related Vulnerabilities
CVE-2018-16330 Vulnerability in maven package org.webjars.npm:editor.md
CVE-2018-3739 Vulnerability in npm package https-proxy-agent
CVE-2021-24122 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2022-23458 Vulnerability in maven package org.webjars.bowergithub.nhn:tui.grid
CVE-2023-44981 Vulnerability in maven package org.apache.zookeeper:zookeeper