Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:npm/pidusage@0.0.5
purl pkg:npm/pidusage@0.0.5
Next non-vulnerable version 1.1.5
Latest non-vulnerable version 1.1.5
Risk
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-ba2z-xjzy-xbep
Aliases:
CVE-2017-16034
GHSA-hfq9-rfpv-j8r8
GMS-2020-757
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in pidusage.
1.1.5
Affected by 0 other vulnerabilities.
VCID-zqxw-jzqq-akfw
Aliases:
GMS-2017-137
Command Injection The pidusage module passes unsanitized input to child_process.exec, resulting in command injection in the ps method, as the pid is never cast to an integer as the comment expects. This module is vulnerable to this PoC on Darwin, SunOS, FreeBSD, and AIX. Windows and Linux are not vulnerable.
1.1.5
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-04T20:35:07.412165+00:00 GitLab Importer Affected by VCID-ba2z-xjzy-xbep https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/pidusage/GMS-2020-757.yml 38.6.0
2026-06-04T20:08:09.376687+00:00 GitLab Importer Affected by VCID-zqxw-jzqq-akfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/pidusage/GMS-2017-137.yml 38.6.0