CVE-2021-45459

Published December 22nd, 2021

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

7.5

HIGH

Affected

2

PROJECTS

Description

lib/cmd.js in the node-windows package before 1.0.0-beta.6 for Node.js allows command injection via the PID parameter.

coreybutler/node-windows

Windows support for Node.JS scripts (daemons, eventlog, UAC, etc).

GitHub

2.93K

dwisiswant0/advisory

My advisories (backlog)

GitHub

7