Description
A Code Injection exists in tree-kill on Windows which allows a remote code execution when an attacker is able to control the input into the command.
Remediation
References
https://hackerone.com/reports/701183
Related Vulnerabilities
CVE-2022-21718 Vulnerability in npm package electron
CVE-2023-30518 Vulnerability in maven package io.jenkins.plugins:thycotic-secret-server
CVE-2022-22984 Vulnerability in npm package snyk-gradle-plugin
CVE-2018-8012 Vulnerability in maven package org.apache.zookeeper:zookeeper
CVE-2022-43403 Vulnerability in maven package org.jenkins-ci.plugins:script-security