Description
BoofCV 0.42 was discovered to contain a code injection vulnerability via the component boofcv.io.calibration.CalibrationIO.load. This vulnerability is exploited by loading a crafted camera calibration file.
Remediation
References
https://github.com/lessthanoptimal/BoofCV/issues/406