Description
All versions of package kill-process-on-port are vulnerable to Command Injection via a.getProcessPortId.
Remediation
References
https://snyk.io/vuln/SNYK-JS-KILLPROCESSONPORT-1055458
Related Vulnerabilities
CVE-2023-26488 Vulnerability in npm package @openzeppelin/contracts-upgradeable
CVE-2021-21293 Vulnerability in maven package org.http4s:blaze-core_2.12
CVE-2021-3461 Vulnerability in maven package org.keycloak:keycloak-services
CVE-2020-7727 Vulnerability in npm package gedi
CVE-2022-3952 Vulnerability in maven package com.manydesigns:portofino-microservice-launcher