CVE-2020-28453

This affects all versions of package npos-tesseract. The injection point is located in line 55 in lib/ocr.js.