CVEs affecting projects tracked on Release Alert, from NVD & OSV.
CVE-2017-12863 — HIGH severity vulnerability | Release Alert
CVE-2017-12863
8.8
HIGHCVSS v3
Published
August 15, 2017
CVSS v2
6.8 MEDIUM
Affected
5 projects
Assigned by
MITRE
Severity scale
010
Description
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.
NuGet GalleryOpenCV (Open Source Computer Vision) is a library of programming functions for realtime computer vision. OpenCV is released under a BSD license and hence it’s free for both academic and commercial use. It has C++, C, Python and Java (Android) interfaces and supports Windows, Linux, Android, iOS and Mac OS. It has more than 2500 optimized algorithms. Adopted all around the world, OpenCV has more than 7 million downloads growing by nearly 200K/month. Usage ranges from interactive art, to mines inspection, stitching maps on the web on through advanced robotics.