CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Node Opencv Project 1Node Opencv Nov 21, 2024 Mar 26, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 utils/find-opencv.js in node-opencv (aka OpenCV bindings for Node.js) prior to 6.1.0 is vulnerable to Command Injection. It does not validate user input allowing attackers to execute arbitrary commands. |
1Node Opencv Project 1Node Opencv Nov 21, 2024 Jun 7, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 node-opencv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. |