CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-12862
https://notcve.org/view.php?id=CVE-2017-12862
In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. En modules/imgcodecs/src/grfmt_pxm.cpp, el tamaño del búfer AutoBuffer _src es más pequeño de lo esperado, lo que causará un desbordamiento de búfer de copia posteriormente. Si la imagen proviene de una fuente remota, podría provocar la ejecución remota de código o una denegación de servicio. • https://github.com/opencv/opencv/issues/9370 https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html https://security.gentoo.org/glsa/201712-02 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-12599
https://notcve.org/view.php?id=CVE-2017-12599
OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an image file by using cv::imread. La versión 3.3 de OpenCV (Open Source Computer Vision Library) provoca un error de lectura fuera de límites en la función icvCvt_BGRA2BGR_8u_C4C3R cuando lee una imagen utilizando cv::imread. • https://github.com/opencv/opencv/issues/9309 https://github.com/xiaoqx/pocs/blob/master/opencv.md https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html https://security.gentoo.org/glsa/201712-02 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-12606
https://notcve.org/view.php?id=CVE-2017-12606
OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow4 in utils.cpp when reading an image file by using cv::imread. La versión 3.3 de OpenCV (Open Source Computer Vision Library) provoca un error de escritura fuera de límites en la función FillColorRow4 en utils.cpp cuando lee una imagen utilizando cv::imread. • https://github.com/opencv/opencv/issues/9309 https://github.com/xiaoqx/pocs/blob/master/opencv.md https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html https://security.gentoo.org/glsa/201712-02 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-12601
https://notcve.org/view.php?id=CVE-2017-12601
OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case. La versión 3.3 de OpenCV (Open Source Computer Vision Library) tiene un desbordamiento de búfer en la función cv::BmpDecoder::readData en modules/imgcodecs/src/grfmt_bmp.cpp cuando lee un archivo de imagen utilizando cv::imread. Esto se ha demostrado con la prueba 4-buf-overflow-readData-memcpy. • https://github.com/opencv/opencv/issues/9309 https://github.com/xiaoqx/pocs/blob/master/opencv.md https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html https://security.gentoo.org/glsa/201712-02 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-12597
https://notcve.org/view.php?id=CVE-2017-12597
OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. La versión 3.3 de OpenCV (Open Source Computer Vision Library) provoca un error de escritura fuera de límites en la función FillColorRow1 en utils.cpp cuando lee una imagen utilizando cv::imread. • https://github.com/opencv/opencv/issues/9309 https://github.com/xiaoqx/pocs/blob/master/opencv.md https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html https://security.gentoo.org/glsa/201712-02 • CWE-787: Out-of-bounds Write •