vulnerability-db
vulnerability-db copied to clipboard
Published
20 hours ago •
AppThreat
AppThreat
Triage results for opencv
Related to https://github.com/owasp-dep-scan/dep-scan/issues/320
We're currently reporting CVEs for version-less generic packages. Perhaps we can expose some options to configure the lookup.
python vdb/cli.py --bom /mnt/work/sandbox/opencv/bom.json
___
/\ ._ ._ | |_ ._ _ _. _|_
/--\ |_) |_) | | | | (/_ (_| |_
| |
VDB Results
┏━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ CVE ┃ Locator ┃ Description ┃ Affected Symbols ┃
┡━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ CVE-2021-23169 │ pkg:generic/openexr │ A heap-buffer overflow was found in the copyIntoFrameBuffer │ │
│ │ │ function of OpenEXR in versions before 3.0.1. An attacker could │ │
│ │ │ use this flaw to execute arbitrary code with the permissions of │ │
│ │ │ the user running the application compiled against OpenEXR. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-3474 │ pkg:generic/openexr │ There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted │ │
│ │ │ input file that is processed by OpenEXR could cause a shift │ │
│ │ │ overflow in the FastHufDecoder, potentially leading to problems │ │
│ │ │ with application availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-20299 │ pkg:generic/openexr │ A flaw was found in OpenEXR's Multipart input file functionality. │ │
│ │ │ A crafted multi-part input file with no actual parts can trigger a │ │
│ │ │ NULL pointer dereference. The highest threat from this │ │
│ │ │ vulnerability is to system availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-26945 │ pkg:generic/openexr │ An integer overflow leading to a heap-buffer overflow was found in │ │
│ │ │ OpenEXR in versions before 3.0.1. An attacker could use this flaw │ │
│ │ │ to crash an application compiled with OpenEXR. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-20304 │ pkg:generic/openexr │ A flaw was found in OpenEXR's hufDecode functionality. This flaw │ │
│ │ │ allows an attacker who can pass a crafted file to be processed by │ │
│ │ │ OpenEXR, to trigger an undefined right shift error. The highest │ │
│ │ │ threat from this vulnerability is to system availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-3598 │ pkg:generic/openexr │ There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality │ │
│ │ │ in versions prior to 3.0.5. An attacker who is able to submit a │ │
│ │ │ crafted file to an application linked with OpenEXR could cause an │ │
│ │ │ out-of-bounds read. The greatest risk from this flaw is to │ │
│ │ │ application availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-45942 │ pkg:generic/openexr │ OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in │ │
│ │ │ Imf_3_1::LineCompositeTask::execute (called from │ │
│ │ │ IlmThread_3_1::NullThreadPoolProvider::addTask and │ │
│ │ │ IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be │ │
│ │ │ inapplicable. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-20300 │ pkg:generic/openexr │ A flaw was found in OpenEXR's hufUncompress functionality in │ │
│ │ │ OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can │ │
│ │ │ submit a crafted file that is processed by OpenEXR, to trigger an │ │
│ │ │ integer overflow. The highest threat from this vulnerability is to │ │
│ │ │ system availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-3605 │ pkg:generic/openexr │ There's a flaw in OpenEXR's rleUncompress functionality in │ │
│ │ │ versions prior to 3.0.5. An attacker who is able to submit a │ │
│ │ │ crafted file to an application linked with OpenEXR could cause an │ │
│ │ │ out-of-bounds read. The greatest risk from this flaw is to │ │
│ │ │ application availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-26260 │ pkg:generic/openexr │ An integer overflow leading to a heap-buffer overflow was found in │ │
│ │ │ the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker │ │
│ │ │ could use this flaw to crash an application compiled with OpenEXR. │ │
│ │ │ This is a different flaw from CVE-2021-23215. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-20296 │ pkg:generic/openexr │ A flaw was found in OpenEXR in versions before 3.0.0-beta. A │ │
│ │ │ crafted input file supplied by an attacker, that is processed by │ │
│ │ │ the Dwa decompression functionality of OpenEXR's IlmImf library, │ │
│ │ │ could cause a NULL pointer dereference. The highest threat from │ │
│ │ │ this vulnerability is to system availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-3479 │ pkg:generic/openexr │ There's a flaw in OpenEXR's Scanline API functionality in versions │ │
│ │ │ before 3.0.0-beta. An attacker who is able to submit a crafted │ │
│ │ │ file to be processed by OpenEXR could trigger excessive │ │
│ │ │ consumption of memory, resulting in an impact to system │ │
│ │ │ availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-20302 │ pkg:generic/openexr │ A flaw was found in OpenEXR's TiledInputFile functionality. This │ │
│ │ │ flaw allows an attacker who can submit a crafted single-part │ │
│ │ │ non-image to be processed by OpenEXR, to trigger a floating-point │ │
│ │ │ exception error. The highest threat from this vulnerability is to │ │
│ │ │ system availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-20298 │ pkg:generic/openexr │ A flaw was found in OpenEXR's B44Compressor. This flaw allows an │ │
│ │ │ attacker who can submit a crafted file to be processed by OpenEXR, │ │
│ │ │ to exhaust all memory accessible to the application. The highest │ │
│ │ │ threat from this vulnerability is to system availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-3941 │ pkg:generic/openexr │ In ImfChromaticities.cpp routine RGBtoXYZ(), there are some │ │
│ │ │ division operations such as float Z = (1 - chroma.white.x - │ │
│ │ │ chroma.white.y) * Y / chroma.white.y; and chroma.green.y * (X + │ │
│ │ │ Z))) / d; but the divisor is not checked for a 0 value. A │ │
│ │ │ specially crafted file could trigger a divide-by-zero condition │ │
│ │ │ which could affect the availability of programs linked with │ │
│ │ │ OpenEXR. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-3477 │ pkg:generic/openexr │ There's a flaw in OpenEXR's deep tile sample size calculations in │ │
│ │ │ versions before 3.0.0-beta. An attacker who is able to submit a │ │
│ │ │ crafted file to be processed by OpenEXR could trigger an integer │ │
│ │ │ overflow, subsequently leading to an out-of-bounds read. The │ │
│ │ │ greatest risk of this flaw is to application availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-3475 │ pkg:generic/openexr │ There is a flaw in OpenEXR in versions before 3.0.0-beta. An │ │
│ │ │ attacker who can submit a crafted file to be processed by OpenEXR │ │
│ │ │ could cause an integer overflow, potentially leading to problems │ │
│ │ │ with application availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-23215 │ pkg:generic/openexr │ An integer overflow leading to a heap-buffer overflow was found in │ │
│ │ │ the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker │ │
│ │ │ could use this flaw to crash an application compiled with OpenEXR. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-20303 │ pkg:generic/openexr │ A flaw found in function dataWindowForTile() of │ │
│ │ │ IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a │ │
│ │ │ crafted file to be processed by OpenEXR could trigger an integer │ │
│ │ │ overflow, leading to an out-of-bounds write on the heap. The │ │
│ │ │ greatest impact of this flaw is to application availability, with │ │
│ │ │ some potential impact to data integrity as well. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-3476 │ pkg:generic/openexr │ A flaw was found in OpenEXR's B44 uncompression functionality in │ │
│ │ │ versions before 3.0.0-beta. An attacker who is able to submit a │ │
│ │ │ crafted file to OpenEXR could trigger shift overflows, potentially │ │
│ │ │ affecting application availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-3478 │ pkg:generic/openexr │ There's a flaw in OpenEXR's scanline input file functionality in │ │
│ │ │ versions before 3.0.0-beta. An attacker able to submit a crafted │ │
│ │ │ file to be processed by OpenEXR could consume excessive system │ │
│ │ │ memory. The greatest impact of this flaw is to system │ │
│ │ │ availability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2021-3933 │ pkg:generic/openexr │ An integer overflow could occur when OpenEXR processes a crafted │ │
│ │ │ file on systems where size_t < 64 bits. This could cause an │ │
│ │ │ invalid bytesPerLine and maxBytesPerLine value, which could lead │ │
│ │ │ to problems with application stability or lead to other attack │ │
│ │ │ paths. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2023-5841 │ pkg:generic/openexr │ Due to a failure in validating the number of scanline samples of a │ │
│ │ │ OpenEXR file containing deep scanline data, Academy Software │ │
│ │ │ Foundation OpenEX image parsing library version 3.2.1 and prior is │ │
│ │ │ susceptible to a heap-based buffer overflow vulnerability. This │ │
│ │ │ issue was resolved as of versions v3.2.2 and v3.1.12 of the │ │
│ │ │ affected library. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-15304 │ pkg:generic/openexr │ An issue was discovered in OpenEXR before 2.5.2. An invalid tiled │ │
│ │ │ input file could cause invalid memory access in │ │
│ │ │ TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, │ │
│ │ │ as demonstrated by a NULL pointer dereference. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-11758 │ pkg:generic/openexr │ An issue was discovered in OpenEXR before 2.4.1. There is an │ │
│ │ │ out-of-bounds read in ImfOptimizedPixelReading.h. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-11761 │ pkg:generic/openexr │ An issue was discovered in OpenEXR before 2.4.1. There is an │ │
│ │ │ out-of-bounds read during Huffman uncompression, as demonstrated │ │
│ │ │ by FastHufDecoder::refill in ImfFastHuf.cpp. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-11760 │ pkg:generic/openexr │ An issue was discovered in OpenEXR before 2.4.1. There is an │ │
│ │ │ out-of-bounds read during RLE uncompression in rleUncompress in │ │
│ │ │ ImfRle.cpp. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-11762 │ pkg:generic/openexr │ An issue was discovered in OpenEXR before 2.4.1. There is an │ │
│ │ │ out-of-bounds read and write in DwaCompressor::uncompress in │ │
│ │ │ ImfDwaCompressor.cpp when handling the UNKNOWN compression case. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-15306 │ pkg:generic/openexr │ An issue was discovered in OpenEXR before v2.5.2. Invalid │ │
│ │ │ chunkCount attributes could cause a heap buffer overflow in │ │
│ │ │ getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-16589 │ pkg:generic/openexr │ A head-based buffer overflow exists in Academy Software Foundation │ │
│ │ │ OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can │ │
│ │ │ cause a denial of service via a crafted EXR file. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-11763 │ pkg:generic/openexr │ An issue was discovered in OpenEXR before 2.4.1. There is an │ │
│ │ │ std::vector out-of-bounds read and write, as demonstrated by │ │
│ │ │ ImfTileOffsets.cpp. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-11765 │ pkg:generic/openexr │ An issue was discovered in OpenEXR before 2.4.1. There is an │ │
│ │ │ off-by-one error in use of the ImfXdr.h read function by │ │
│ │ │ DwaCompressor::Classifier::Classifier, leading to an out-of-bounds │ │
│ │ │ read. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-16588 │ pkg:generic/openexr │ A Null Pointer Deference issue exists in Academy Software │ │
│ │ │ Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp │ │
│ │ │ that can cause a denial of service via a crafted EXR file. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-11764 │ pkg:generic/openexr │ An issue was discovered in OpenEXR before 2.4.1. There is an │ │
│ │ │ out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-16587 │ pkg:generic/openexr │ A heap-based buffer overflow vulnerability exists in Academy │ │
│ │ │ Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in │ │
│ │ │ ImfMultiPartInputFile.cpp that can cause a denial of service via a │ │
│ │ │ crafted EXR file. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-15305 │ pkg:generic/openexr │ An issue was discovered in OpenEXR before 2.5.2. Invalid input │ │
│ │ │ could cause a use-after-free in │ │
│ │ │ DeepScanLineInputFile::DeepScanLineInputFile() in │ │
│ │ │ IlmImf/ImfDeepScanLineInputFile.cpp. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-11759 │ pkg:generic/openexr │ An issue was discovered in OpenEXR before 2.4.1. Because of │ │
│ │ │ integer overflows in │ │
│ │ │ CompositeDeepScanLine::Data::handleDeepFrameBuffer and │ │
│ │ │ readSampleCountForLineBlock, an attacker can write to an │ │
│ │ │ out-of-bounds pointer. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2023-24535 │ pkg:generic/protobuf │ Parsing invalid messages can panic. Parsing a text-format message │ │
│ │ │ which contains a potential number consisting of a minus sign, one │ │
│ │ │ or more characters of whitespace, and no further input will cause │ │
│ │ │ a panic. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2019-14492 │ pkg:generic/opencv │ An issue was discovered in OpenCV before 3.4.7 and 4.x before │ │
│ │ │ 4.1.1. There is an out of bounds read/write in the function │ │
│ │ │ HaarEvaluator::OptFeature::calc in │ │
│ │ │ modules/objdetect/src/cascadedetect.hpp, which leads to denial of │ │
│ │ │ service. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2019-19624 │ pkg:generic/opencv │ An out-of-bounds read was discovered in OpenCV before 4.1.1. │ │
│ │ │ Specifically, variable coarsest_scale is assumed to be greater │ │
│ │ │ than or equal to finest_scale within the calc()/ocl_calc() │ │
│ │ │ functions in dis_flow.cpp. However, this is not true when dealing │ │
│ │ │ with small images, leading to an out-of-bounds read of the │ │
│ │ │ heap-allocated arrays Ux and Uy. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2019-15939 │ pkg:generic/opencv │ An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero │ │
│ │ │ error in cv::HOGDescriptor::getDescriptorSize in │ │
│ │ │ modules/objdetect/src/hog.cpp. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2019-14491 │ pkg:generic/opencv │ An issue was discovered in OpenCV before 3.4.7 and 4.x before │ │
│ │ │ 4.1.1. There is an out of bounds read in the function │ │
│ │ │ cv::predictOrderedcv::HaarEvaluator in │ │
│ │ │ modules/objdetect/src/cascadedetect.hpp, which leads to denial of │ │
│ │ │ service. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2019-5064 │ pkg:generic/opencv │ An exploitable heap buffer overflow vulnerability exists in the │ │
│ │ │ data structure persistence functionality of OpenCV, before version │ │
│ │ │ 4.2.0. A specially crafted JSON file can cause a buffer overflow, │ │
│ │ │ resulting in multiple heap corruptions and potentially code │ │
│ │ │ execution. An attacker can provide a specially crafted file to │ │
│ │ │ trigger this vulnerability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2019-16249 │ pkg:generic/opencv │ OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load in │ │
│ │ │ core/hal/intrin_sse.hpp when called from computeSSDMeanNorm in │ │
│ │ │ modules/video/src/dis_flow.cpp. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2019-14493 │ pkg:generic/opencv │ An issue was discovered in OpenCV before 4.1.1. There is a NULL │ │
│ │ │ pointer dereference in the function cv::XMLParser::parse at │ │
│ │ │ modules/core/src/persistence.cpp. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2019-5063 │ pkg:generic/opencv │ An exploitable heap buffer overflow vulnerability exists in the │ │
│ │ │ data structure persistence functionality of OpenCV 4.1.0. A │ │
│ │ │ specially crafted XML file can cause a buffer overflow, resulting │ │
│ │ │ in multiple heap corruptions and potential code execution. An │ │
│ │ │ attacker can provide a specially crafted file to trigger this │ │
│ │ │ vulnerability. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2018-7713 │ pkg:generic/opencv │ The validateInputImageSize function in │ │
│ │ │ modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote │ │
│ │ │ attackers to cause a denial of service (assertion failure) because │ │
│ │ │ (size.width <= (1<<20)) may be false. Note: “OpenCV CV_Assert is │ │
│ │ │ not an assertion (C-like assert()), it is regular C++ exception │ │
│ │ │ which can raised in case of invalid or non-supported parameters. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2018-5268 │ pkg:generic/opencv │ In OpenCV 3.3.1, a heap-based buffer overflow happens in │ │
│ │ │ cv::Jpeg2KDecoder::readComponent8u in │ │
│ │ │ modules/imgcodecs/src/grfmt_jpeg2000.cpp when parsing a crafted │ │
│ │ │ image file. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2018-5269 │ pkg:generic/opencv │ In OpenCV 3.3.1, an assertion failure happens in │ │
│ │ │ cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp │ │
│ │ │ because of an incorrect integer cast. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2018-7712 │ pkg:generic/opencv │ The validateInputImageSize function in │ │
│ │ │ modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote │ │
│ │ │ attackers to cause a denial of service (assertion failure) because │ │
│ │ │ (size.height <= (1<<20)) may be false. Note: “OpenCV CV_Assert is │ │
│ │ │ not an assertion (C-like assert()), it is regular C++ exception │ │
│ │ │ which can raised in case of invalid or non-supported parameters. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2018-7714 │ pkg:generic/opencv │ The validateInputImageSize function in │ │
│ │ │ modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote │ │
│ │ │ attackers to cause a denial of service (assertion failure) because │ │
│ │ │ (pixels <= (1<<30)) may be false. Note: “OpenCV CV_Assert is not │ │
│ │ │ an assertion (C-like assert()), it is regular C++ exception which │ │
│ │ │ can raised in case of invalid or non-supported parameters. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2023-2618 │ pkg:generic/opencv │ A vulnerability, which was classified as problematic, has been │ │
│ │ │ found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this │ │
│ │ │ issue is the function DecodedBitStreamParser::decodeHanziSegment │ │
│ │ │ of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The │ │
│ │ │ manipulation leads to memory leak. The attack may be launched │ │
│ │ │ remotely. The name of the patch is │ │
│ │ │ 2b62ff6181163eea029ed1cab11363b4996e9cd6. It is recommended to │ │
│ │ │ apply a patch to fix this issue. The identifier of this │ │
│ │ │ vulnerability is VDB-228548. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2023-2617 │ pkg:generic/opencv │ A vulnerability classified as problematic was found in OpenCV │ │
│ │ │ wechat_qrcode Module up to 4.7.0. Affected by this vulnerability │ │
│ │ │ is the function DecodedBitStreamParser::decodeByteSegment of the │ │
│ │ │ file qrcode/decoder/decoded_bit_stream_parser.cpp. The │ │
│ │ │ manipulation leads to null pointer dereference. The attack can be │ │
│ │ │ launched remotely. The exploit has been disclosed to the public │ │
│ │ │ and may be used. It is recommended to apply a patch to fix this │ │
│ │ │ issue. The associated identifier of this vulnerability is │ │
│ │ │ VDB-228547. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2018-9840 │ pkg:generic/signal#signal.h │ The Open Whisper Signal app before 2.23.2 for iOS allows │ │
│ │ │ physically proximate attackers to bypass the screen locker feature │ │
│ │ │ via certain rapid sequences of actions that include app opening, │ │
│ │ │ clicking on cancel, and using the home button. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2018-16132 │ pkg:generic/signal#signal.h │ The image rendering component (createGenericPreview) of the Open │ │
│ │ │ Whisper Signal app through 2.29.0 for iOS fails to check for │ │
│ │ │ unreasonably large images before manipulating received images. │ │
│ │ │ This allows for a large image sent to a user to exhaust all │ │
│ │ │ available memory when the image is displayed, resulting in a │ │
│ │ │ forced restart of the device. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2022-28345 │ pkg:generic/signal#signal.h │ The Signal app before 5.34 for iOS allows URI spoofing via RTLO │ │
│ │ │ injection. It incorrectly renders RTLO encoded URLs beginning with │ │
│ │ │ a non-breaking space, when there is a hash character in the URL. │ │
│ │ │ This technique allows a remote unauthenticated attacker to send │ │
│ │ │ legitimate looking links, appearing to be any website URL, by │ │
│ │ │ abusing the non-http/non-https automatic rendering of URLs. An │ │
│ │ │ attacker can spoof, for example, example.com, and masquerade any │ │
│ │ │ URL with a malicious destination. An attacker requires a subdomain │ │
│ │ │ such as gepj, txt, fdp, or xcod, which would appear backwards as │ │
│ │ │ jpeg, txt, pdf, and docx respectively. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2020-5753 │ pkg:generic/signal#signal.h │ Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 │ │
│ │ │ and up allows a remote non-contact to ring a victim's Signal phone │ │
│ │ │ and disclose currently used DNS server due to ICE Candidate │ │
│ │ │ handling before call is answered or declined. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2018-25032 │ pkg:generic/zlib#3rdparty/zlib/zlib.h │ zlib before 1.2.12 allows memory corruption when deflating (i.e., │ │
│ │ │ when compressing) if the input has many distant matches. │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2022-37434 │ pkg:generic/zlib#3rdparty/zlib/zlib.h │ zlib through 1.2.12 has a heap-based buffer over-read or buffer │ │
│ │ │ overflow in inflate in inflate.c via a large gzip header extra │ │
│ │ │ field. NOTE: only applications that call inflateGetHeader are │ │
│ │ │ affected. Some common applications bundle the affected zlib source │ │
│ │ │ code but may be unable to call inflateGetHeader (e.g., see the │ │
│ │ │ nodejs/node reference). │ │
├────────────────┼───────────────────────────────────────┼────────────────────────────────────────────────────────────────────┼────────────────────────────────────────────────────┤
│ CVE-2023-45853 │ pkg:generic/zlib#3rdparty/zlib/zlib.h │ MiniZip in zlib through 1.3 has an integer overflow and resultant │ │
│ │ │ heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long │ │
│ │ │ filename, comment, or extra field. NOTE: MiniZip is not a │ │
│ │ │ supported part of the zlib product. NOTE: pyminizip through 0.2.6 │ │
│ │ │ is also vulnerable because it bundles an affected zlib version, │ │
│ │ │ and exposes the applicable MiniZip code through its compress API. │ │
└────────────────┴───────────────────────────────────────┴────────────────────────────────────────────────────────────────────┴────────────────────────────────────────────────────┘
NOTE:
- [ ] CVE-2023-4969 is not reported for [email protected]. This is because it comes up with the purl prefix
pkg:generic/khronos/openclbased on the nvd entry.
