Command Injection Vulnerability in lsof npm Module

Command Injection Vulnerability in lsof npm Module

CVE-2019-10783 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

All versions including 0.0.4 of lsof npm module are vulnerable to Command Injection. Every exported method used by the package uses the exec function to parse user input.

Learn more about our User Device Pen Test.