CVE-2019-14491
Description
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Out-of-bounds read in OpenCV's Haar cascade classifier leads to denial of service via crafted cascade file.
Vulnerability
An out-of-bounds read exists in cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp. When the evaluator walks a weak classifier's decision tree, the child index idx it takes from each node comes straight from the cascade file, and the final leaf lookup cascadeLeaves[leafOfs - idx] uses it without a range check; a crafted cascade can drive leafOfs - idx outside the cascadeLeaves array (negative or past its end), so the read lands in unrelated memory [2]. This affects OpenCV versions before 3.4.7 and 4.x before 4.1.1.
Exploitation
An attacker triggers the bug by supplying a specially crafted Haar cascade XML file to an application that loads it with cv::CascadeClassifier and runs detection (for example detectMultiScale). No authentication or special privileges are required; the attacker only needs to control the cascade file or cause the application to load it, so applications that accept cascades from user-supplied or downloaded sources are the ones exposed. The scanned image is not the attack vector, but it does decide which branches of the cascade are evaluated, so the out-of-bounds read fires once evaluation reaches the malformed node, and the result is a crash.
Impact
Successful exploitation leads to a denial of service (DoS) due to a segmentation fault or application crash. The vulnerability does not appear to allow arbitrary code execution or information disclosure beyond the crash.
Mitigation
The issue is fixed in OpenCV 3.4.7 and 4.1.1, released in July 2019 [3][4]; upgrade to these or later versions. For the PyPI wheels the fixed releases are 3.4.7.28 and 4.1.1.26 (see the table below), and cv2.__version__ reports the bundled library version (3.4.7 or 4.1.1), which is the number to check. Distribution packages may carry the fix as a backport under an older version number (SUSE ships it in opencv 3.3.1-6.6.1, per the SUSE advisory), so check the distribution advisory rather than the upstream version alone. No workarounds are documented; if upgrading is not possible, do not load cascade files from untrusted sources.
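The sections above describe the invariant that predictOrdered relies on (every child index read from the cascade file must resolve to a real node or a real leaf of the same tree) and recommend not loading untrusted cascades. The following is an added example written for this page, not OpenCV's own code and not the upstream fix: a stand-alone validator that parses a new-format Haar cascade XML with the standard library and rejects it before it is handed to cv::CascadeClassifier::load. It assumes maxCatCount == 0 (each internal node is "left right featureIdx threshold"), that a tree with N internal nodes carries N + 1 leaf values, and that positive child values are node indices while values <= 0 are negated leaf indices; the embedded cascade is constructed for the example and is not a real model. The rect-in-window check on features goes slightly beyond the leaf lookup discussed on this page.

```python
"""Pre-load validator for an OpenCV new-format Haar cascade XML file.

Added example for this page, not OpenCV code. Checks the index invariants
that cv::predictOrdered<cv::HaarEvaluator> assumes when it evaluates
cascadeLeaves[leafOfs - idx]. Assumptions: maxCatCount == 0, N + 1 leaves
per N-node tree, child > 0 is a forward node index, child <= 0 is -leafIdx.
"""
import xml.etree.ElementTree as ET


class CascadeValidationError(ValueError):
    """The cascade structure would let the evaluator read out of bounds."""


def _numbers(text):
    return [float(tok) for tok in (text or "").split()]


def _as_index(value, what):
    if value != int(value):
        raise CascadeValidationError(f"{what} is not an integer: {value}")
    return int(value)


def validate_cascade_xml(xml_text):
    """Return (stage_count, tree_count) for a structurally safe cascade, else raise."""
    cascade = ET.fromstring(xml_text).find("cascade")
    if cascade is None:
        raise CascadeValidationError("no <cascade> element")
    if cascade.findtext("featureType", "").strip() != "HAAR":
        raise CascadeValidationError("only HAAR cascades are handled here")
    params = cascade.find("featureParams")
    if params is not None and int(params.findtext("maxCatCount", "0")) != 0:
        raise CascadeValidationError("categorical nodes are not handled here")
    width, height = int(cascade.findtext("width")), int(cascade.findtext("height"))

    # Features: every "x y w h weight" rect must lie inside the detection window.
    feats = cascade.find("features")
    feats = list(feats) if feats is not None else []
    for fi, feat in enumerate(feats):
        rects = feat.find("rects")
        for rect in (list(rects) if rects is not None else []):
            x, y, w, h, _weight = _numbers(rect.text)
            if x < 0 or y < 0 or w <= 0 or h <= 0 or x + w > width or y + h > height:
                raise CascadeValidationError(f"feature {fi}: rect outside {width}x{height} window")

    stages = cascade.find("stages")
    n_stages = n_trees = 0
    for si, stage in enumerate(list(stages) if stages is not None else []):
        n_stages += 1
        weak = stage.find("weakClassifiers")
        for ti, tree in enumerate(list(weak) if weak is not None else []):
            raw = _numbers(tree.findtext("internalNodes"))
            leaves = _numbers(tree.findtext("leafValues"))
            if not raw or len(raw) % 4:
                raise CascadeValidationError(f"stage {si} tree {ti}: malformed internalNodes")
            n_nodes = len(raw) // 4
            # The evaluator advances leafOfs by nodeCount + 1 per tree; any other
            # leaf count desynchronises every later leaf lookup.
            if len(leaves) != n_nodes + 1:
                raise CascadeValidationError(
                    f"stage {si} tree {ti}: {n_nodes} nodes but {len(leaves)} leaves")
            for ni in range(n_nodes):
                left, right, feat_idx, _threshold = raw[4 * ni:4 * ni + 4]
                feat_idx = _as_index(feat_idx, "featureIdx")
                if not 0 <= feat_idx < len(feats):
                    raise CascadeValidationError(
                        f"stage {si} tree {ti} node {ni}: featureIdx {feat_idx} out of range")
                for child in (left, right):
                    child = _as_index(child, "child index")
                    # node index: must exist and point forward so the walk terminates
                    if child > 0 and not ni < child < n_nodes:
                        raise CascadeValidationError(
                            f"stage {si} tree {ti} node {ni}: node index {child} out of range")
                    # leaf index -child is what feeds cascadeLeaves[leafOfs - idx]
                    if child <= 0 and -child >= len(leaves):
                        raise CascadeValidationError(
                            f"stage {si} tree {ti} node {ni}: leaf index {-child} out of range")
            n_trees += 1
    return n_stages, n_trees


def is_safe_cascade(xml_text):
    """True only if the cascade parses and passes every structural check."""
    try:
        validate_cascade_xml(xml_text)
        return True
    except (CascadeValidationError, ET.ParseError, ValueError, TypeError):
        return False


# Constructed sample cascade (not a real model): 24x24 window, two features, one stage.
_TEMPLATE = """<?xml version="1.0"?>
<opencv_storage>
<cascade>
  <stageType>BOOST</stageType>
  <featureType>HAAR</featureType>
  <height>24</height>
  <width>24</width>
  <featureParams><maxCatCount>0</maxCatCount></featureParams>
  <stageNum>1</stageNum>
  <stages>
    <_>
      <maxWeakCount>2</maxWeakCount>
      <stageThreshold>-1.0</stageThreshold>
      <weakClassifiers>
        <_>
          <internalNodes>{tree1}</internalNodes>
          <leafValues>0.03 0.84</leafValues></_>
        <_>
          <internalNodes>1 -2 0 0.1  0 -1 1 0.2</internalNodes>
          <leafValues>-0.5 0.5 0.9</leafValues></_></weakClassifiers></_></stages>
  <features>
    <_><rects><_>6 4 12 9 -1.</_><_>6 7 12 3 3.</_></rects><tilted>0</tilted></_>
    <_><rects><_>0 0 12 24 -1.</_><_>6 0 6 24 2.</_></rects><tilted>0</tilted></_></features>
</cascade>
</opencv_storage>
"""

GOOD_CASCADE = _TEMPLATE.format(tree1="0 -1 0 4.0e-03")
# Leaf index 40 in a one-node tree: the evaluator would read cascadeLeaves[leafOfs + 40].
BAD_CASCADE = _TEMPLATE.format(tree1="0 -40 0 4.0e-03")

if __name__ == "__main__":
    print("good:", validate_cascade_xml(GOOD_CASCADE))
    print("bad accepted:", is_safe_cascade(BAD_CASCADE))
```

Run validate_cascade_xml on the file contents before passing the path to cv2.CascadeClassifier; a rejection means the file is malformed or hostile and should not be loaded at all. This is a trust-boundary filter for deployments that cannot upgrade yet, not a substitute for the fixed releases.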
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package (PyPI) | Affected versions | Patched version |
|---|---|---|
| opencv-python | < 3.4.7.28 | 3.4.7.28 |
| opencv-python | >= 4.0.0.21, < 4.1.1.26 | 4.1.1.26 |
| opencv-python-headless | < 3.4.7.28 | 3.4.7.28 |
| opencv-python-headless | >= 4.0.0.21, < 4.1.1.26 | 4.1.1.26 |
| opencv-contrib-python | < 3.4.7.28 | 3.4.7.28 |
| opencv-contrib-python | >= 4.0.0.21, < 4.1.1.26 | 4.1.1.26 |
| opencv-contrib-python-headless | < 3.4.7.28 | 3.4.7.28 |
| opencv-contrib-python-headless | >= 4.0.0.21, < 4.1.1.26 | 4.1.1.26 |
Affected products
- OpenCV/OpenCV (GitHub Security Advisory coordinates; 10 package ranges, none with a CPE)
  - pkg:pypi/opencv-contrib-python: < 3.4.7.28
  - pkg:pypi/opencv-contrib-python-headless: < 3.4.7.28
  - pkg:pypi/opencv-python: < 3.4.7.28
  - pkg:pypi/opencv-python-headless: < 3.4.7.28
  - pkg:rpm/suse/opencv (SUSE Linux Enterprise Module for Package Hub 15): < 3.3.1-6.6.1
  - pkg:rpm/suse/opencv (SUSE Linux Enterprise Module for Package Hub 15 SP1): < 3.3.1-6.6.1
  - pkg:rpm/suse/opencv (SUSE Linux Enterprise Module for Package Hub 15 SP2): < 3.3.1-6.6.1
  - pkg:rpm/suse/opencv (SUSE Linux Enterprise Workstation Extension 15): < 3.3.1-6.6.1
  - pkg:rpm/suse/opencv (SUSE Linux Enterprise Workstation Extension 15 SP1): < 3.3.1-6.6.1
  - pkg:rpm/suse/opencv (SUSE Linux Enterprise Workstation Extension 15 SP2): < 3.3.1-6.6.1
The PyPI ranges listed here cover only the 3.x branch; the 4.x range (>= 4.0.0.21, < 4.1.1.26) is given in the table above.
Patches
24a7ca5a29103 OpenCV version++ (3.4.7)
1 file changed · +1 −1
modules/core/include/opencv2/core/version.hpp+1 −1 modified@@ -8,7 +8,7 @@ #define CV_VERSION_MAJOR 3 #define CV_VERSION_MINOR 4 #define CV_VERSION_REVISION 7 -#define CV_VERSION_STATUS "-pre" +#define CV_VERSION_STATUS "" #define CVAUX_STR_EXP(__A) #__A #define CVAUX_STR(__A) CVAUX_STR_EXP(__A)
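Review bot: this hunk only flips CV_VERSION_STATUS from "-pre" to "" in modules/core/include/opencv2/core/version.hpp, i.e. it is the 3.4.7 release marker and does not touch modules/objdetect/src/cascadedetect.hpp, so it is not the fix for the out-of-bounds read this CVE describes. It is the end commit of the 33b765d...4a7ca5a compare range cited in the references; anyone backporting needs to locate the objdetect validation change elsewhere in that range rather than cherry-picking this commit.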
693877212d34 Fixed video writer filename check for plugins
1 file changed · +2 −1
modules/videoio/src/backend_plugin.cpp+2 −1 modified@@ -480,7 +480,8 @@ class PluginWriter : public cv::IVideoWriter if (plugin_api->Writer_open) { CV_Assert(plugin_api->Writer_release); - if (CV_ERROR_OK == plugin_api->Writer_open(filename.empty() ? 0 : filename.c_str(), fourcc, fps, sz.width, sz.height, isColor, &writer)) + CV_Assert(!filename.empty()); + if (CV_ERROR_OK == plugin_api->Writer_open(filename.c_str(), fourcc, fps, sz.width, sz.height, isColor, &writer)) { CV_Assert(writer); return makePtr<PluginWriter>(plugin_api, writer);
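Review bot: the new CV_Assert(!filename.empty()) in PluginWriter turns a previously tolerated case (an empty filename forwarded to plugin_api->Writer_open as a null pointer via `filename.empty() ? 0 : filename.c_str()`) into a thrown cv::Exception, and CV_Assert stays active in release builds, so any caller that relied on the plugin accepting a null name now fails at open time. If that behaviour change is intended, the commit message should say so; otherwise returning an empty Ptr so the backend falls through to the next writer would be the softer change. This hunk is also in modules/videoio, not the cascade evaluator named in this CVE.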
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
[1] https://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html (SUSE security announcement, via MITRE)
[2] https://github.com/advisories/GHSA-fm39-cw8h-3p63 (GitHub Security Advisory)
[3] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPFLN6QAX6SUA4XR4NMKKXX26H3TYCVQ/ (Fedora package announcement, via MITRE)
[4] https://nvd.nist.gov/vuln/detail/CVE-2019-14491 (NVD entry)
[5] https://github.com/opencv/opencv/compare/33b765d...4a7ca5a (upstream commit range ending at the 3.4.7 version bump)
[6] https://github.com/opencv/opencv/compare/371bba8...ddbd10c (upstream commit range)
[7] https://github.com/opencv/opencv/issues/15125 (upstream issue report)
News mentions
No linked articles in our index yet.