CVE-2020-26274

Published December 16th, 2020

View on NVD ↗

CVSS v3

6.4

MEDIUM

CVSS v2

7.5

HIGH

Affected

PROJECTS

Description

In systeminformation (npm package) before version 4.31.1 there is a command injection vulnerability. The problem was fixed in version 4.31.1 with a shell string sanitation fix.

systeminformation

Advanced, lightweight system and OS information library

NPM

sebhildebrandt/systeminformation

System Information Library for Node.JS

GitHub

3.11K