{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T00:50:14.516","vulnerabilities":[{"cve":{"id":"CVE-2021-23374","sourceIdentifier":"report@snyk.io","published":"2021-04-18T19:15:12.060","lastModified":"2024-11-21T05:51:35.907","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization."},{"lang":"es","value":"Esto afecta a todas las versiones del paquete ps-visitor. Si se proporciona una entrada de usuario controlada por el atacante para la función kill, es posible para un atacante ejecutar comandos arbitrarios. Esto es debido al uso de la función exec child_process sin un saneamiento de la entrada"}],"metrics":{"cvssMetricV31":[{"source":"report@snyk.io","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ps-visitor_project:ps-visitor:*:*:*:*:*:node.js:*:*","matchCriteriaId":"33B18D7F-F362-4C4A-B5D0-B591EF068FF7"}]}]}],"references":[{"url":"https://github.com/WisdomKwan/ps-visitor/blob/cdfc934a8e4af95aa0473f4b2a4bd091d09faf2f/index.js%23L404","source":"report@snyk.io","tags":["Broken Link"]},{"url":"https://snyk.io/vuln/SNYK-JS-PSVISITOR-1078544","source":"report@snyk.io","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/WisdomKwan/ps-visitor/blob/cdfc934a8e4af95aa0473f4b2a4bd091d09faf2f/index.js%23L404","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://snyk.io/vuln/SNYK-JS-PSVISITOR-1078544","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}