Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2021-21315

Npm package | System Information Library for Node.JSAdded 2022-01-18Remediation Deadline 2022-02-01

System Information Library for Node.JS Command Injection

In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-78

References