Command Injection Vulnerability in systeminformation (GHSA-m57p-p67h-mq74)

Description

command injection vulnerability

Recommendation

Update the systeminformation package to the latest compatible version. Followings are version details:

• Affected version(s): < 4.31.1
• Patched version(s): 4.31.1

References

• GHSA-m57p-p67h-mq74
• www.npmjs.com
• CVE-2020-26274
• CWE-78
• CAPEC-310
• OWASP 2021-A3
• OWASP 2021-A6

Related Issues

• systeminformation command injection vulnerability - CVE-2020-7752
• systeminformation has a Command Injection vulnerability in fsSize() function on Windows - CVE-2025-68154
• Command Injection in systeminformation - CVE-2020-26300
• OS Command Injection in systeminformation - CVE-2020-7778

Tags:

npm

systeminformation