kill-port-process@0.0.3 vulnerabilities

Easily kill hanging processes on ports - on any platform!

latest version

3.2.1
latest non vulnerable version

4.0.0-beta.0
first published

6 years ago
latest version published

a year ago
licenses detected
- ISC
  >=0
View kill-port-process package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the kill-port-process package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Command Injection Affected versions of this package are vulnerable to Command Injection. An attacker able to control the port number can insert a shell command instead of a port number, due to weak sanitisation. The command will run under the `root` user, since the `root` user is the only user able to execute the `kill` command. How to fix Command Injection? Upgrade `kill-port-process` to version 2.2.0 or higher.	<2.2.0

Command Injection

Affected versions of this package are vulnerable to Command Injection. An attacker able to control the port number can insert a shell command instead of a port number, due to weak sanitisation. The command will run under the root user, since the root user is the only user able to execute the kill command.

How to fix Command Injection?

Upgrade kill-port-process to version 2.2.0 or higher.

<2.2.0

Go back to all versions of this package

kill-port-process@0.0.3 vulnerabilities

Easily kill hanging processes on ports - on any platform!

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities