CVE-2023-29566

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-29566

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-29566.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-29566

Aliases

GHSA-88qf-5f3v-pm6m

Published

2023-04-24T18:15:09.550Z

Modified

2025-12-06T00:08:18.136898Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

huedawn-tesseract 0.3.3 and dawnsparks-node-tesseract 0.4.0 to 0.4.1 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function.

References

Affected packages

Git

github.com/rona-dinihari/dawnsparks-node-tesseract

Affected ranges

Type: GIT
Repo: https://github.com/rona-dinihari/dawnsparks-node-tesseract
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

github.com/rona-dinihari/node-tesseract

Affected ranges

Type: GIT
Repo: https://github.com/rona-dinihari/node-tesseract
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

81d1664f0b9fe521534acfae1d5b9c40127b36c1

Affected versions

v0.*

v0.0.1

v0.0.2

v0.0.3

v0.1.0

v0.2.0

v0.2.1

v0.2.2

v0.2.3

v0.2.4

v0.2.5

v0.2.6

v0.2.7

v0.3.2

v0.3.3

v0.4.0