Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/systeminformation@4.30.5
Typenpm
Namespace
Namesysteminformation
Version4.30.5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.6.4
Latest_non_vulnerable_version5.31.6
Affected_by_vulnerabilities
0
url VCID-297u-ugtg-bkdd
vulnerability_id VCID-297u-ugtg-bkdd
summary 
OS Command Injection
systeminformation suffers from a command injection vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26274
reference_id
reference_type
scores
0
value 0.01389
scoring_system epss
scoring_elements 0.80682
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26274
1
reference_url https://github.com/sebhildebrandt/systeminformation/commit/1faadcbf68f1b1fdd5eb2054f68fc932be32ac99
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/sebhildebrandt/systeminformation/commit/1faadcbf68f1b1fdd5eb2054f68fc932be32ac99
2
reference_url https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-m57p-p67h-mq74
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-m57p-p67h-mq74
3
reference_url https://www.npmjs.com/advisories/1590
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/1590
4
reference_url https://www.npmjs.com/package/systeminformation
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/systeminformation
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26274
reference_id CVE-2020-26274
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26274
fixed_packages
0
url pkg:npm/systeminformation@4.31.1
purl pkg:npm/systeminformation@4.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fen5-17u8-efbs
1
vulnerability VCID-us5p-3w2r-13e6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/systeminformation@4.31.1
aliases CVE-2020-26274, GHSA-m57p-p67h-mq74
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-297u-ugtg-bkdd
1
url VCID-fen5-17u8-efbs
vulnerability_id VCID-fen5-17u8-efbs
summary 
OS Command Injection
systeminformation is an open source system and OS information library for node.Please upgrade to If you cannot upgrade, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() and other commands. Only allow strings, reject any arrays. String sanitation works as expected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21388
reference_id
reference_type
scores
0
value 0.00617
scoring_system epss
scoring_elements 0.7032
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21388
1
reference_url https://github.com/sebhildebrandt/systeminformation/commit/01ef56cd5824ed6da1c11b37013a027fdef67524
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sebhildebrandt/systeminformation/commit/01ef56cd5824ed6da1c11b37013a027fdef67524
2
reference_url https://github.com/sebhildebrandt/systeminformation/commit/0be6fcd575c05687d1076d5cd6d75af2ebae5a46
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sebhildebrandt/systeminformation/commit/0be6fcd575c05687d1076d5cd6d75af2ebae5a46
3
reference_url https://github.com/sebhildebrandt/systeminformation/commit/7922366d707de7f20995fc8e30ac3153636bf35f
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sebhildebrandt/systeminformation/commit/7922366d707de7f20995fc8e30ac3153636bf35f
4
reference_url https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-jff2-qjw8-5476
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-jff2-qjw8-5476
5
reference_url https://www.npmjs.com/package/systeminformation
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/systeminformation
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21388
reference_id CVE-2021-21388
reference_type
scores
0
value 8.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21388
fixed_packages
0
url pkg:npm/systeminformation@5.6.4
purl pkg:npm/systeminformation@5.6.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/systeminformation@5.6.4
aliases CVE-2021-21388, GHSA-jff2-qjw8-5476
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fen5-17u8-efbs
2
url VCID-us5p-3w2r-13e6
vulnerability_id VCID-us5p-3w2r-13e6
summary 
Command Injection Vulnerability
command injection vulnerability
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21315
reference_id
reference_type
scores
0
value 0.9396
scoring_system epss
scoring_elements 0.99892
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21315
1
reference_url https://github.com/sebhildebrandt/systeminformation
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sebhildebrandt/systeminformation
2
reference_url https://github.com/sebhildebrandt/systeminformation/commit/07daa05fb06f24f96297abaa30c2ace8bfd8b525
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sebhildebrandt/systeminformation/commit/07daa05fb06f24f96297abaa30c2ace8bfd8b525
3
reference_url https://lists.apache.org/thread.html/r8afea9a83ed568f2647cccc6d8d06126f9815715ddf9a4d479b26b05@%3Cissues.cordova.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8afea9a83ed568f2647cccc6d8d06126f9815715ddf9a4d479b26b05@%3Cissues.cordova.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/r8afea9a83ed568f2647cccc6d8d06126f9815715ddf9a4d479b26b05%40%3Cissues.cordova.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8afea9a83ed568f2647cccc6d8d06126f9815715ddf9a4d479b26b05%40%3Cissues.cordova.apache.org%3E
5
reference_url https://security.netapp.com/advisory/ntap-20210312-0007
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210312-0007
6
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21315
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21315
7
reference_url https://www.npmjs.com/package/systeminformation
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/systeminformation
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21315
reference_id CVE-2021-21315
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21315
9
reference_url https://github.com/advisories/GHSA-2m8v-572m-ff2v
reference_id GHSA-2m8v-572m-ff2v
reference_type
scores
url https://github.com/advisories/GHSA-2m8v-572m-ff2v
10
reference_url https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-2m8v-572m-ff2v
reference_id GHSA-2m8v-572m-ff2v
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-2m8v-572m-ff2v
fixed_packages
0
url pkg:npm/systeminformation@5.3.1
purl pkg:npm/systeminformation@5.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fen5-17u8-efbs
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/systeminformation@5.3.1
aliases CVE-2021-21315, GHSA-2m8v-572m-ff2v
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-us5p-3w2r-13e6
Fixing_vulnerabilities
0
url VCID-6t9m-cpgx-z3hb
vulnerability_id VCID-6t9m-cpgx-z3hb
summary 
OS Command Injection
npm package systeminformation is vulnerable to Prototype Pollution leading to Command Injection.If you cannot upgrade, be sure to check or sanitize service parameter strings that are passed to `si.inetChecksite().`
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26245
reference_id
reference_type
scores
0
value 0.0113
scoring_system epss
scoring_elements 0.78661
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26245
1
reference_url https://github.com/sebhildebrandt/systeminformation/commit/8113ff0e87b2f422a5756c48f1057575e73af016
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/sebhildebrandt/systeminformation/commit/8113ff0e87b2f422a5756c48f1057575e73af016
2
reference_url https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-4v2w-h9jm-mqjg
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-4v2w-h9jm-mqjg
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26245
reference_id CVE-2020-26245
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26245
fixed_packages
0
url pkg:npm/systeminformation@4.30.5
purl pkg:npm/systeminformation@4.30.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-297u-ugtg-bkdd
1
vulnerability VCID-fen5-17u8-efbs
2
vulnerability VCID-us5p-3w2r-13e6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/systeminformation@4.30.5
aliases CVE-2020-26245, GHSA-4v2w-h9jm-mqjg
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6t9m-cpgx-z3hb
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/systeminformation@4.30.5