Vulnerability Details CVE-2019-10061
utils/find-opencv.js in node-opencv (aka OpenCV bindings for Node.js) prior to 6.1.0 is vulnerable to Command Injection. It does not validate user input allowing attackers to execute arbitrary commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.066
EPSS Ranking 90.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://github.com/peterbraden/node-opencv/commit/81a4b8620188e89f7e4fc985f3c89b58d4bcc86b
- https://github.com/peterbraden/node-opencv/commit/aaece6921d7368577511f06c94c99dd4e9653563
- https://www.npmjs.com/advisories/789
- https://github.com/peterbraden/node-opencv/commit/81a4b8620188e89f7e4fc985f3c89b58d4bcc86b
- https://github.com/peterbraden/node-opencv/commit/aaece6921d7368577511f06c94c99dd4e9653563
- https://www.npmjs.com/advisories/789
Products affected by CVE-2019-10061
-
cpe:2.3:a:node-opencv_project:node-opencv:-
-
cpe:2.3:a:node-opencv_project:node-opencv:0.0.1
-
cpe:2.3:a:node-opencv_project:node-opencv:0.0.10
-
cpe:2.3:a:node-opencv_project:node-opencv:0.0.11
-
cpe:2.3:a:node-opencv_project:node-opencv:0.0.12
-
cpe:2.3:a:node-opencv_project:node-opencv:0.0.2
-
cpe:2.3:a:node-opencv_project:node-opencv:0.0.3
-
cpe:2.3:a:node-opencv_project:node-opencv:0.0.4
-
cpe:2.3:a:node-opencv_project:node-opencv:0.0.5
-
cpe:2.3:a:node-opencv_project:node-opencv:0.0.6
-
cpe:2.3:a:node-opencv_project:node-opencv:0.0.7
-
cpe:2.3:a:node-opencv_project:node-opencv:0.0.8
-
cpe:2.3:a:node-opencv_project:node-opencv:0.0.9
-
cpe:2.3:a:node-opencv_project:node-opencv:0.1.0
-
cpe:2.3:a:node-opencv_project:node-opencv:0.2.0
-
cpe:2.3:a:node-opencv_project:node-opencv:0.3.0
-
cpe:2.3:a:node-opencv_project:node-opencv:0.3.1
-
cpe:2.3:a:node-opencv_project:node-opencv:0.4.0
-
cpe:2.3:a:node-opencv_project:node-opencv:0.5.0
-
cpe:2.3:a:node-opencv_project:node-opencv:0.6.0
-
cpe:2.3:a:node-opencv_project:node-opencv:0.7.0
-
cpe:2.3:a:node-opencv_project:node-opencv:1.0.0
-
cpe:2.3:a:node-opencv_project:node-opencv:1.0.2
-
cpe:2.3:a:node-opencv_project:node-opencv:2.0.0
-
cpe:2.3:a:node-opencv_project:node-opencv:3.0.0
-
cpe:2.3:a:node-opencv_project:node-opencv:3.1.0
-
cpe:2.3:a:node-opencv_project:node-opencv:3.2.0
-
cpe:2.3:a:node-opencv_project:node-opencv:4.0.0
-
cpe:2.3:a:node-opencv_project:node-opencv:5.0.0
-
cpe:2.3:a:node-opencv_project:node-opencv:6.0.0