5 matches found
CVE-2025-63705
NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js...
stats-fr-emarque-basketball-extractor (>=1.0.0 <=1.0.2) potentially affected by CVE-2025-63705 via node-ts-ocr (=1.0.15)
node-ts-ocr NPM version =1.0.15 is affected by a known vulnerability. The following packages have a transitive dependency on node-ts-ocr and may be impacted: - stats-fr-emarque-basketball-extractor =1.0.0, =1.0.2 Source cves: CVE-2025-63705 Source advisory: OSV:GHSA-8JH2-3MW6-6PFM...
CVE-2025-63705
NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js...
CVE-2025-63705
NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js...
CVE-2025-63705
The CVE-2025-63705 entry concerns the NPM package node-ts-ocr version 1.0.15, with a reported OS Command Injection via the invokeImageOcr function in src/index.js. The vulnerability is described as enabling arbitrary command execution with a network attack vector, as indicated by the CVSS 3.1 met...