Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Roar-pidusage Project Subscribe
Filtered by product Roar-pidusage
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-23380 1 Roar-pidusage Project 1 Roar-pidusage 2021-04-22 7.5 HIGH 7.3 HIGH
This affects all versions of package roar-pidusage. If attacker-controlled user input is given to the stat function of this package on certain operating systems, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.