listening-processes

vulnerability arbitrary code injection
severity 3.8
language javascript
registry npm

Overview

Affected versions of this package are vulnerable to Arbitrary Code Injection. An attacker can execute arbitrary commands by escaping the binaries used by the module since it uses bash commands.