inetLatency() command injection vulnaribility fix

docs/security.html

@@ -42,6 +42,23 @@
           <div class="col-12 sectionheader">
             <div class="title">Security Advisories</div>
             <div class="text">
+              <h2>Command Injection Vulnerability</h2>
+              <p><span class="bold">Affected versions:</span>
+                < 4.31.1<br>
+                  <span class="bold">Date:</span> 2020-12-11<br>
+                  <span class="bold">CVE indentifier</span> (not yet)
+              </p>
+
+              <h4>Impact</h4>
+              <p>Here we had an issue that there was a possibility to inject commands to the command line of your machine via systeminformation. Affected commands: <span class="code">inetLatency()</span>.</p>
+
+              <h4>Patch</h4>
+              <p>Problem was fixed with a shell string sanitation fix. Please upgrade to version >= 4.31.1</p>
+
+              <h4>Workarround</h4>
+              <p>If you cannot upgrade, be sure to check or sanitize service parameter strings that are passed to <span class="code">inetLatency()</span></p>
+
+
               <h2>command injection vulnerability - prototype pollution</h2>
               <p><span class="bold">Affected versions:</span>
                 < 4.30.5<br>