All versions of package kill-process-on-port are vulnerable to Command Injection via a.getProcessPortId.