CVEs affecting projects tracked on Release Alert, from NVD & OSV.
CVE-2017-12864 — HIGH severity vulnerability | Release Alert
CVE-2017-12864
8.8
HIGHCVSS v3
Published
August 15, 2017
CVSS v2
6.8 MEDIUM
Affected
5 projects
Assigned by
MITRE
Severity scale
010
Description
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.
NuGet GalleryOpenCV (Open Source Computer Vision) is a library of programming functions for realtime computer vision. OpenCV is released under a BSD license and hence it’s free for both academic and commercial use. It has C++, C, Python and Java (Android) interfaces and supports Windows, Linux, Android, iOS and Mac OS. It has more than 2500 optimized algorithms. Adopted all around the world, OpenCV has more than 7 million downloads growing by nearly 200K/month. Usage ranges from interactive art, to mines inspection, stitching maps on the web on through advanced robotics.