peterbraden/node-opencv
Releases4
Frequency11 months 5 hours
Last Release
Stars4.39K
OpenCV Bindings for node.js
CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| < 6.1.0 | — | 7.5 HIGH | ||
utils/find-opencv.js in node-opencv (aka OpenCV bindings for Node.js) prior to 6.1.0 is vulnerable to Command Injection. It does not validate user input allowing attackers to execute arbitrary commands. | ||||
| all versions | — | 5 MEDIUM | ||
node-opencv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||