Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-10061 | 1 Node-opencv Project | 1 Node-opencv | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
utils/find-opencv.js in node-opencv (aka OpenCV bindings for Node.js) prior to 6.1.0 is vulnerable to Command Injection. It does not validate user input allowing attackers to execute arbitrary commands. | |||||
CVE-2017-16067 | 1 Node-opencv Project | 1 Node-opencv | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
node-opencv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. |