Command Injection Vulnerability in systeminformation (GHSA-m57p-p67h-mq74)
- Severity:
- Medium
Description
command injection vulnerability
Recommendation
Update the systeminformation package to the latest compatible version. Followings are version details:
- Affected version(s): < 4.31.1
- Patched version(s): 4.31.1
References
Related Issues
- `vega-functions` vulnerable to Cross-site Scripting via `setdata` function - CVE-2025-66648
- systeminformation has a Command Injection vulnerability in fsSize() function on Windows - CVE-2025-68154
- Command Injection Vulnerability - CVE-2021-21315
- @sveltejs/kit vulnerable to Cross-site Scripting via tracked search_params - CVE-2025-32388
- Tags:
- npm
- systeminformation
Anything's wrong? Let us know Last updated on January 09, 2023