CVEs affecting projects tracked on Release Alert, from NVD & OSV.
CVE-2018-7712 — HIGH severity vulnerability | Release Alert
CVE-2018-7712
7.5
HIGHCVSS v3
Published
March 5, 2018
CVSS v2
5 MEDIUM
Affected
5 projects
Assigned by
MITRE
Severity scale
010
Description
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.height <= (1<<20)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.
NuGet GalleryOpenCV (Open Source Computer Vision) is a library of programming functions for realtime computer vision. OpenCV is released under a BSD license and hence it’s free for both academic and commercial use. It has C++, C, Python and Java (Android) interfaces and supports Windows, Linux, Android, iOS and Mac OS. It has more than 2500 optimized algorithms. Adopted all around the world, OpenCV has more than 7 million downloads growing by nearly 200K/month. Usage ranges from interactive art, to mines inspection, stitching maps on the web on through advanced robotics.