Skip to main content

Opencv CVE-2018-5269

MEDIUM
Reachable Assertion (CWE-617)
2018-01-08 cve@mitre.org
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Jan 08, 2018 - 05:29 nvd
MEDIUM 5.5

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 3 pypi packages depend on opencv-python (3 direct, 0 indirect)

Ecosystem-wide dependent count for version 3.4.1.15.

DescriptionNVD

In OpenCV 3.3.1, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast.

AnalysisAI

In OpenCV 3.3.1, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-617. In OpenCV 3.3.1, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast. Affected products include: Opencv, Debian Debian Linux.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Opencv

View all
CVE-2017-12606 HIGH POC
8.8 Aug 07

OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow4

CVE-2016-1516 HIGH POC
8.8 Apr 10

OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code. Rated high severity (CVSS 8.8), th

CVE-2017-12601 HIGH POC
8.8 Aug 07

OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function

CVE-2017-12605 HIGH POC
8.8 Aug 07

OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the FillColorRow8 function

CVE-2017-12604 HIGH POC
8.8 Aug 07

OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the FillUniColor function i

CVE-2017-12603 HIGH POC
8.8 Aug 07

OpenCV (Open Source Computer Vision Library) through 3.3 has an invalid write in the cv::RLByteStream::getBytes function

CVE-2017-12597 HIGH POC
8.8 Aug 07

OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow1

CVE-2017-12599 HIGH POC
8.8 Aug 07

OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the function icvCvt_BGRA2BGR

CVE-2017-12598 HIGH POC
8.8 Aug 07

OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlo

CVE-2019-14491 HIGH POC
8.2 Aug 01

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. Rated high severity (CVSS 8.2), this vulnerability

CVE-2017-12602 HIGH POC
7.5 Aug 07

OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (memory consumption) issue, as demonstr

CVE-2017-12600 HIGH POC
7.5 Aug 07

OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (CPU consumption) issue, as demonstrate

Share

CVE-2018-5269 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy