pomelo-monitor is a Simple, comprehensive monitoring tool for operating-system and process in nodejs.
Affected versions of this package are vulnerable to Remote Code Execution (RCE). Due to insufficient input validation, an attacker could run arbitrary commands on the server.
There is no fixed version for
Do your applications use this vulnerable package?
- Frank Tip
- Snyk ID
- 14 Feb, 2018
- 28 Dec, 2018