Vulnerabilities (CVE)

Filtered by vendor Node-opencv Project Subscribe
Filtered by product Node-opencv
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10061 1 Node-opencv Project 1 Node-opencv 2024-02-04 7.5 HIGH 9.8 CRITICAL
utils/find-opencv.js in node-opencv (aka OpenCV bindings for Node.js) prior to 6.1.0 is vulnerable to Command Injection. It does not validate user input allowing attackers to execute arbitrary commands.
CVE-2017-16067 1 Node-opencv Project 1 Node-opencv 2024-02-04 5.0 MEDIUM 7.5 HIGH
node-opencv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.