Description
A command Injection in ps package versions <1.0.0 for Node.js allowed arbitrary commands to be executed when attacker controls the PID.
Remediation
References
https://hackerone.com/reports/390848
Related Vulnerabilities
CVE-2023-22493 Vulnerability in npm package rsshub
CVE-2021-23331 Vulnerability in maven package com.squareup:connect
CVE-2021-43783 Vulnerability in npm package @backstage/plugin-scaffolder-backend
CVE-2018-3713 Vulnerability in npm package angular-http-server
CVE-2022-21169 Vulnerability in npm package express-xss-sanitizer