CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-25644

All versions of package @pendo324/get-process-by-name are vulnerable to Arbitrary Code Execution due to improper sanitization of getProcessByName function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.2%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/pendo324/get-process-by-name-js/blob/34e8a279a94fa23acb13e302e9516ab1ea8d8731/index.js%23L27-L28
https://security.snyk.io/vuln/SNYK-JS-PENDO324GETPROCESSBYNAME-2419094
https://github.com/pendo324/get-process-by-name-js/blob/34e8a279a94fa23acb13e302e9516ab1ea8d8731/index.js%23L27-L28
https://security.snyk.io/vuln/SNYK-JS-PENDO324GETPROCESSBYNAME-2419094

Products affected by CVE-2022-25644

Get-Process-By-Name Project » Get-Process-By-Name » Version: Any

cpe:2.3:a:get-process-by-name_project:get-process-by-name:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-25644

Products

Pricing

Contact Us