Search for packages
| purl | pkg:npm/pidusage@1.0.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-5mrz-3b9x-bue3
Aliases: GMS-2017-137 |
Command Injection The pidusage module passes unsanitized input to child_process.exec, resulting in command injection in the ps method, as the pid is never cast to an integer as the comment expects. This module is vulnerable to this PoC on Darwin, SunOS, FreeBSD, and AIX. Windows and Linux are not vulnerable. |
Affected by 0 other vulnerabilities. |
|
VCID-hv35-hwj2-x3h9
Aliases: CVE-2017-16034 GHSA-hfq9-rfpv-j8r8 GMS-2020-757 |
Command Injection in pidusage |
Affected by 0 other vulnerabilities. |
|
VCID-pn7m-uesu-mqcf
Aliases: CVE-2017-1000220 GHSA-h2p3-h48h-9jj7 |
PIDUsage Enables OS Command Injection |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-13T16:40:46.502751+00:00 | GitLab Importer | Affected by | VCID-hv35-hwj2-x3h9 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/pidusage/GMS-2020-757.yml | 38.6.0 |
| 2026-06-12T18:07:34.724222+00:00 | GitLab Importer | Affected by | VCID-pn7m-uesu-mqcf | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/pidusage/CVE-2017-1000220.yml | 38.6.0 |
| 2026-06-12T16:53:20.346423+00:00 | GitLab Importer | Affected by | VCID-5mrz-3b9x-bue3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/pidusage/GMS-2017-137.yml | 38.6.0 |