mike/systeminformation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updated docs

Browse Source
This commit is contained in:
Sebastian Hildebrandt
2021-05-04 16:23:13 +02:00
parent 2b9aeae762
commit 6cd9dd15b0
7 changed files with 61 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/v4/history.html
+11 -1
View File
@@ -83,6 +83,16 @@
</tr>
</thead>
<tbody>
<tr>
<th scope="row">4.34.21</th>
<td>2021-05-04</td>
<td><span class="code">dockerContainerInspect()</span> <span class="code">dockerContainerProcesses()</span> parameter validation fix</td>
</tr>
<tr>
<th scope="row">4.34.20</th>
<td>2021-05-04</td>
<td><span class="code">versions()</span> parameter sanitation</td>
</tr>
<tr>
<th scope="row">4.34.19</th>
<td>2021-03-16</td>
@@ -2132,4 +2142,4 @@
</body>
</html>
</html>
docs/v4/index.html
+3 -3
View File
@@ -165,12 +165,12 @@
<body>
<header class="bg-image-full">
<div class="container">
<a href="security.html" class="recommendation">Security advisory:<br>Update to v4.34.20</a>
<a href="security.html" class="recommendation">Security advisory:<br>Update to v4.34.21</a>
<img class="logo" src="assets/logo.png">
<div class="title">systeminformation </div>
<div class="subtitle"><span id="typed"></span>&nbsp;</div>
<div class="version larger">Version 4 documentation</div>
<div class="version">Current Version: <span id="version">4.34.20</span></div>
<div class="version">Current Version: <span id="version">4.34.21</span></div>
<button class="btn btn-light" onclick="location.href='https://github.com/sebhildebrandt/systeminformation'">View on Github <i class=" fab fa-github"></i></button>
</div>
<div class="down">
@@ -369,4 +369,4 @@
</script>
</body>
</html>
</html>
docs/v4/security.html
+18 -1
View File
@@ -47,6 +47,23 @@
<p class="warning">This can lead to serious impact on your servers!</p>
<p>We highly recommend to always upgrade to the latest version of our package. We maintain security updates for version 5 AND also version 4. For version 4 you can install latest version by placing <span class="code">"systeminformation": "^4"</span> in your package.json (dependencies) and run <span class="code">npm install</span></p>
<h2>Command Injection Vulnerability</h2>
<p><span class="bold">Affected versions:</span>
&lt; 4.34.21<br>
<span class="bold">Date:</span> 2021-05-04<br>
<span class="bold">CVE indentifier</span> -
</p>
<h4>Impact</h4>
<p>We had an issue that there was a possibility to perform a potential command injection possibility by passing a non string values as a parameter to the <span class="code">dockerContainerInspect()</span>, <span class="code">dockerContainerProcesses()</span>.</p>
<h4>Patch</h4>
<p>Problem was fixed with parameter checking. Please upgrade to version >= 4.34.21 if you are using version 4.</p>
<h4>Workarround</h4>
<p>If you cannot upgrade, be sure to check or sanitize parameter strings that are passed to <span class="code">dockerContainerInspect()</span>, <span class="code">dockerContainerProcesses()</span> (string only)</p>
<hr>
<br>
<h2>Command Injection Vulnerability</h2>
<p><span class="bold">Affected versions:</span>
&lt; 4.34.20<br>
@@ -231,4 +248,4 @@
</script>
</body>
</html>
</html>