Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2022/08/03 12:0 a.m.7 views

npos-cli (>=0.0.5 <=0.0.6) potentially affected by CVE-2020-28453 via npos-tesseract (=0.0.3)

npos-tesseract NPM version =0.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on npos-tesseract and may be impacted: - npos-cli =0.0.5, =0.0.6 Source cves: CVE-2020-28453 Source advisory: OSV:GHSA-MPWP-PF96-9G4R...

9.8CVSS7.2AI score0.0109EPSS
Exploits1
NVD
NVD
added 2022/08/02 2:15 p.m.15 views

CVE-2020-28453

This affects all versions of package npos-tesseract. The injection point is located in line 55 in lib/ocr.js...

9.8CVSS0.0109EPSS
Exploits1References1
OSV
OSV
added 2022/08/02 2:15 p.m.3 views

CVE-2020-28453

This affects all versions of package npos-tesseract. The injection point is located in line 55 in lib/ocr.js...

9.8CVSS5.8AI score0.0109EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/08/02 1:25 p.m.17 views

CVE-2020-28453 Command Injection

This affects all versions of package npos-tesseract. The injection point is located in line 55 in lib/ocr.js...

9.4CVSS9.7AI score0.0109EPSS
Exploits1References1
CVE
CVE
added 2022/08/02 1:25 p.m.57 views

CVE-2020-28453

CVE-2020-28453 affects all versions of the npm package npos-tesseract. The vulnerability is a command injection flaw caused by improper sanitization at line 55 in lib/ocr.js, enabling injection via options/image parameters. Public sources describe the issue as critical (CVSS up to 9.8 from NVD) w...

9.8CVSS9.7AI score0.0109EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder