Lucene search
SnykCVE-2020-28446HistoryJul 25, 2022 - 2:15 p.m.
CVE-2020-28446
2022-07-2514:15:09
CWE-77
snyk
web.nvd.nist.gov
23
4
cve-2020-28446
package
ntesseract
command injection
vulnerability
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.002
Percentile
53.6%
The package ntesseract before 0.2.9 are vulnerable to Command Injection via lib/tesseract.js.
Affected configurations
Node
ntesseract_projectntesseractRange<0.2.9node.js
CNA Affected
[
{
"product": "ntesseract",
"vendor": "n/a",
"versions": [
{
"lessThan": "0.2.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
nvd
nvd
CVE-2020-28446
2022-07-25 14:15:09
osv
osv
ntesseract vulnerable to Command Injection
2022-07-26 00:01:05
CVE-2020-28446
2022-07-25 14:15:09
cvelist
cvelist
CVE-2020-28446 Command Injection
2022-07-25 00:00:00
veracode
veracode
Command Injection
2022-07-26 05:25:16
prion
prion
Command injection
2022-07-25 14:15:00
github
github
ntesseract vulnerable to Command Injection
2022-07-26 00:01:05
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.002
Percentile
53.6%
Related for CVE-2020-28446