github.com/sajari/docconv is vulnerable to remote code execution. Lack of proper checking of exec.Command
in PDFHasImage
function of the file pdf_ocr.go
allows an attacker to upload and execute malicious code on the system under attack.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/sajari/docconv | le | v1.2.0 | |
github.com/sajari/docconv | le | v1.2.0 |