Textract Project: >> Textract >> 1.0.0 Security Vulnerabilities
textract before 1.5.0 allows OS Command Injection attacks via a filename in a call to the process function. This may be a remote attack if a web application accepts names of arbitrary uploaded files.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-04-06