CVE-2020-26300, GHSA-fj59-f6c3-3vw4
npm/systeminformation
Command Injection
systeminformation is an npm package that provides system and OS information library for node.js. In systeminformation there is a command injection vulnerability. Problem was fixed with a shell string sanitation fix.
All versions before 4.26.2
Upgrade to version 4.26.2 or above.
2021-09-16
source |