
CVE-2023-2618 – OpenCV wechat_qrcode Module decoded_bit_stream_parser.cpp decodeHanziSegment memory leak
https://notcve.org/view.php?id=CVE-2023-2618
10 May 2023 — A vulnerability, which was classified as problematic, has been found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this issue is the function DecodedBitStreamParser::decodeHanziSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to memory leak. The attack may be launched remotely. The name of the patch is 2b62ff6181163eea029ed1cab11363b4996e9cd6. • https://github.com/opencv/opencv_contrib/pull/3484 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2023-2617 – OpenCV wechat_qrcode Module decoded_bit_stream_parser.cpp decodeByteSegment null pointer dereference
https://notcve.org/view.php?id=CVE-2023-2617
10 May 2023 — A vulnerability classified as problematic was found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this vulnerability is the function DecodedBitStreamParser::decodeByteSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://gist.github.com/GZTimeWalker/3ca70a8af2f5830711e9cccc73fb5270 • CWE-476: NULL Pointer Dereference •

CVE-2019-5064
https://notcve.org/view.php?id=CVE-2019-5064
03 Jan 2020 — An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability. • https://github.com/opencv/opencv/issues/15857 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-787: Out-of-bounds Write •

CVE-2019-5063
https://notcve.org/view.php?id=CVE-2019-5063
03 Jan 2020 — An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a specially crafted file to trigger this vulnerability. • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0852 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-787: Out-of-bounds Write •

CVE-2019-19624
https://notcve.org/view.php?id=CVE-2019-19624
06 Dec 2019 — An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifically, variable coarsest_scale is assumed to be greater than or equal to finest_scale within the calc()/ocl_calc() functions in dis_flow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds read of the heap-allocated arrays Ux and Uy. • https://access.redhat.com/security/cve/cve-2019-19624 • CWE-125: Out-of-bounds Read •

CVE-2019-16249
https://notcve.org/view.php?id=CVE-2019-16249
11 Sep 2019 — OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load in core/hal/intrin_sse.hpp when called from computeSSDMeanNorm in modules/video/src/dis_flow.cpp. • https://bugzilla.redhat.com/show_bug.cgi?id=1752702 • CWE-125: Out-of-bounds Read •

CVE-2019-15939
https://notcve.org/view.php?id=CVE-2019-15939
05 Sep 2019 — An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html • CWE-369: Divide By Zero •

CVE-2019-14493 – Ubuntu Security Notice USN-7247-1
https://notcve.org/view.php?id=CVE-2019-14493
01 Aug 2019 — An issue was discovered in OpenCV before 4.1.1. There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp. It was discovered that OpenCV did not properly manage certain XML data, leading to a NULL pointer dereference. • https://github.com/opencv/opencv/compare/371bba8...ddbd10c • CWE-476: NULL Pointer Dereference •

CVE-2019-14492
https://notcve.org/view.php?id=CVE-2019-14492
01 Aug 2019 — An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html • CWE-125: Out-of-bounds Read • CWE-787: Out-of-bounds Write •

CVE-2019-14491
https://notcve.org/view.php?id=CVE-2019-14491
01 Aug 2019 — An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered