Medium severity6.5NVD Advisory· Published Dec 29, 2017· Updated May 13, 2026
CVE-2017-17760
CVE-2017-17760
Description
OpenCV 3.3.1 has a Buffer Overflow in the cv::PxMDecoder::readData function in grfmt_pxm.cpp, because an incorrect size value is used.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
opencv-pythonPyPI | < 3.4.0.12 | 3.4.0.12 |
opencv-contrib-pythonPyPI | < 3.4.0.12 | 3.4.0.12 |
Affected products
4cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- github.com/opencv/opencv/pull/10369/commits/7bbe1a53cfc097b82b1589f7915a2120de39274cnvdIssue TrackingPatchThird Party AdvisoryWEB
- www.securityfocus.com/bid/102974nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-jcxv-2j3h-mg59ghsaADVISORY
- github.com/opencv/opencv/issues/10351nvdIssue TrackingThird Party AdvisoryWEB
- lists.debian.org/debian-lts-announce/2018/01/msg00008.htmlnvdMailing ListThird Party AdvisoryWEB
- lists.debian.org/debian-lts-announce/2018/07/msg00030.htmlnvdMailing ListThird Party AdvisoryWEB
- lists.debian.org/debian-lts-announce/2021/10/msg00028.htmlnvdMailing ListThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2017-17760ghsaADVISORY
News mentions
0No linked articles in our index yet.