Lucene search
K

27 matches found

NVD
NVD
added 2022/12/21 10:15 p.m.26 views

CVE-2022-4643

A vulnerability was found in docconv up to 1.2.0. It has been declared as critical. This vulnerability affects the function ConvertPDFImages of the file pdfocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. Upgrading to version 1.2.1...

9.8CVSS0.01734EPSS
Exploits0References4
OSV
OSV
added 2022/12/21 10:15 p.m.15 views

CVE-2022-4643

A vulnerability was found in docconv up to 1.2.0. It has been declared as critical. This vulnerability affects the function ConvertPDFImages of the file pdfocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. Upgrading to version 1.2.1...

9.8CVSS10AI score
Exploits0References4
Prion
Prion
added 2022/12/21 10:15 p.m.21 views

Command injection

A vulnerability was found in docconv up to 1.2.0. It has been declared as critical. This vulnerability affects the function ConvertPDFImages of the file pdfocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. Upgrading to version 1.2.1...

7.5CVSS9.9AI score0.01734EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2022/12/21 12:0 a.m.17 views

CVE-2022-4643 docconv pdf_ocr.go ConvertPDFImages os command injection

A vulnerability was found in docconv up to 1.2.0. It has been declared as critical. This vulnerability affects the function ConvertPDFImages of the file pdfocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. Upgrading to version 1.2.1...

6.3CVSS10AI score0.01734EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/12/21 12:0 a.m.10 views

docconv 操作系统命令注入漏洞

docconv is Search.io open source a library . PDF, DOC, DOCX, XML, HTML, RTF , etc. will be converted to plain text. docconv 1.3.5 previous version of the existence of operating system command injection vulnerability , the vulnerability stems from the file pdfocr.go ConvertPDFImages function has a...

9.8CVSS6.8AI score0.01734EPSS
Exploits0References6
CVE
CVE
added 2022/12/21 12:0 a.m.68 views

CVE-2022-4643

CVE-2022-4643 affects the docconv project up to version 1.2.0, specifically the ConvertPDFImages function in pdf_ocr.go. The issue arises from manipulation of the path argument, enabling OS command injection via a remote attack. Remediation is to upgrade to version 1.2.1, with a patch identified ...

9.8CVSS8.3AI score0.01734EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/21 12:0 a.m.6 views

PT-2022-27870 · Docconv · Docconv

Name of the Vulnerable Software and Affected Versions: docconv versions prior to 1.2.1 Description: A critical issue affects the function ConvertPDFImages of the file pdf ocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely...

9.8CVSS7.9AI score0.01734EPSS
Exploits0References14
Rows per page
Query Builder