2 matches found
docconv 操作系统命令注入漏洞
docconv is Search.io open source a library . PDF, DOC, DOCX, XML, HTML, RTF , etc. will be converted to plain text. docconv 1.3.5 previous version of the existence of operating system command injection vulnerability , the vulnerability stems from the file pdfocr.go ConvertPDFImages function has a...
PT-2022-27870 · Docconv · Docconv
Name of the Vulnerable Software and Affected Versions: docconv versions prior to 1.2.1 Description: A critical issue affects the function ConvertPDFImages of the file pdf ocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely...