Newton's Programmatic Measurements
    Severity: high

    Remote Code Execution



    Versions of node-os-utils prior to 1.1.0 are vulnerable to Remote Code Execution. Due to insufficient input validation an attacker could run arbitrary commands on the server thus rendering the package vulnerable to Remote Code Execution.


    Upgrade to version 1.1.0 or later.

    Have content suggestions? Visit

    Advisory timeline

    1. published

      Advisory Published
      Feb 14th, 2019
    2. reported

      Reported by Frank Tip
      Feb 14th, 2019