CVE-2020-26300

Published September 9th, 2021

View on NVD ↗

CVSS v3

5.9

MEDIUM

CVSS v2

7.5

HIGH

Affected

PROJECTS

Description

systeminformation is an npm package that provides system and OS information library for node.js. In systeminformation before version 4.26.2 there is a command injection vulnerability. Problem was fixed in version 4.26.2 with a shell string sanitation fix.

systeminformation

Advanced, lightweight system and OS information library

NPM

sebhildebrandt/systeminformation

System Information Library for Node.JS

GitHub

3.11K