Описание
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| devel | not-affected | 4.6.0+dfsg-4 |
| disco | not-affected | code not present |
| eoan | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | 4.2.0+dfsg-5 |
| esm-apps/jammy | not-affected | 4.5.4+dfsg-9ubuntu4 |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | not-affected | code not present |
| focal | not-affected | 4.2.0+dfsg-5 |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability.
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability.
An exploitable heap buffer overflow vulnerability exists in the data s ...
Уязвимость функции сохранения структуры данных библиотеки алгоритмов компьютерного зрения, обработки изображений и численных алгоритмов общего назначения Open Source Computer Vision Library (OpenCV), позволяющая нарушителю выполнить произвольный код
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3