Description
BoofCV 0.42 was discovered to contain a code injection vulnerability via the component boofcv.io.calibration.CalibrationIO.load. This vulnerability is exploited by loading a crafted camera calibration file.
Remediation
References
https://github.com/lessthanoptimal/BoofCV/issues/406