174 matches found
DEBIAN-CVE-2020-26245
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitization to avoid prototype pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or...
Command injection
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitization to avoid prototype pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or...
CVE-2020-26245
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitization to avoid prototype pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or...
CVE-2020-26245
The CVE concerns the npm package systeminformation (prior to v4.30.5). A Prototype Pollution flaw can lead to Command Injection, with fixes implemented by rewriting shell sanitization to prevent pollution. Affected versions are before 4.30.5; remediation is to upgrade to v4.30.5 (or at least v4.30...
CVE-2020-26245 Prototype Pollution leading to Command Injection in systeminformation
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitization to avoid prototype pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or...
Prototype Pollution in systeminformation
Impact: command injection vulnerability by prototype pollution. Patches: Problem was fixed with a rewrite of shell sanitization to avoid prototype pollution problems. Please upgrade to version = 4.30.2. Workarounds: If you cannot upgrade, be sure to check or sanitize service parameter strings that are...
@azteam/monitor (>=1.0.1 <=1.0.9), @bb-cli/e2e-bb-test (>=2.8.3-5 <=2.8.4) +217 more potentially affected by CVE-2020-26245 via systeminformation (>=3.30.6 <=4.30.11)
systeminformation NPM version =3.30.6, =1.0.1, =2.8.3-5, =1.0.7, =1.0.0, =1.0.148 and more Source cves: CVE-2020-26245 Source advisory: OSV:GHSA-4V2W-H9JM-MQJG...
GHSA-4V2W-H9JM-MQJG Prototype Pollution in systeminformation
Impact: command injection vulnerability by prototype pollution. Patches: Problem was fixed with a rewrite of shell sanitization to avoid prototype pollution problems. Please upgrade to version = 4.30.2. Workarounds: If you cannot upgrade, be sure to check or sanitize service parameter strings that are...
Systeminformation Operating System Command Injection Vulnerability
systeminformation is an npm software library that can obtain operating system information. An operating system command injection vulnerability exists in versions of the npm package systeminformation prior to 4.30.5, which stems from the fact that npm package systeminformation is susceptible to prototype...
DEBIAN-CVE-2020-7778
This affects the package systeminformation before 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands...
CVE-2020-7778
This affects the package systeminformation before 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands...
CVE-2020-7778
This affects the package systeminformation before 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands...
CVE-2020-7778
CVE-2020-7778 affects systeminformation prior to 4.30.2. It is a prototype pollution vulnerability where an attacker can overwrite object properties (e.g., __proto__) to cause code execution, potentially enabling OS commands. Affected versions: systeminformation
CVE-2020-7778 Prototype Pollution
This affects the package systeminformation before 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands...
CVE-2020-7778
This affects the package systeminformation before 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands...
Systeminformation Operating System Command Injection Vulnerability
systeminformation is an npm software library for individual developers to obtain operating system information. A security vulnerability exists in systeminformation version 4.30.2, which can be exploited by an attacker to override properties and functions of an object, leadin...
@azteam/monitor (>=1.0.1 <=1.0.9), @best/builder (=4.0.0-beta10) +24 more potentially affected by CVE-2020-26245 +1 more via systeminformation (>=4.0.10 <=4.30.11)
systeminformation NPM version =4.0.10, =1.0.1, =0.0.3, =1.1.0, =1.2.3 - @hnordt/sysinfo =0.1.1 and more Source cves: CVE-2020-26245, CVE-2020-7778 Source advisory: SNYK:JS-SYSTEMINFORMATION-1043753...
Prototype Pollution
Overview: systeminformation is a simple system and OS information library. Affected versions of this package are vulnerable to Prototype Pollution. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands. Note: The fix for this vulnerability is...
OS Command Injection
systeminformation is vulnerable to OS command injection. The inetChecksite, services, inetLatency, networkStats and processLoad functions allow an attacker to inject and execute arbitrary OS commands due to insufficient sanitization...
@azteam/monitor (>=1.0.1 <=1.0.9), @bb-cli/e2e-bb-test (>=2.8.3-5 <=2.8.4) +205 more potentially affected by CVE-2020-26300 via systeminformation (>=3.30.6 <=4.26.12)
systeminformation NPM version =3.30.6, =1.0.1, =2.8.3-5, =1.0.7, =1.0.0, =0.0.3, =1.0.0, =1.1.0, =5.0.0, =1.0.0, =1.0.0-beta.7, =0.1.0, =0.1.0, =0.5.0-unstable-20220415132826 and more Source cves: CVE-2020-26300 Source advisory: OSV:GHSA-FJ59-F6C3-3VW4...