PyPI package

opencv-python

pkg:pypi/opencv-python

Vulnerabilities (30)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-12604	Hig	8.8	< 3.3.1.11	3.3.1.11	Aug 7, 2017	OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the FillUniColor function in utils.cpp when reading an image file by using cv::imread.
CVE-2017-12603	Hig	8.8	< 3.3.1.11	3.3.1.11	Aug 7, 2017	OpenCV (Open Source Computer Vision Library) through 3.3 has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 2-opencv-heapoverflow-fseek test case.
CVE-2017-12602	Hig	7.5	< 3.3.1.11	3.3.1.11	Aug 7, 2017	OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (memory consumption) issue, as demonstrated by the 10-opencv-dos-memory-exhaust test case.
CVE-2017-12601	Hig	8.8	< 3.3.1.11	3.3.1.11	Aug 7, 2017	OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case.
CVE-2017-12600	Hig	7.5	< 3.3.1.11	3.3.1.11	Aug 7, 2017	OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (CPU consumption) issue, as demonstrated by the 11-opencv-dos-cpu-exhaust test case.
CVE-2017-12599	Hig	8.8	< 3.3.1.11	3.3.1.11	Aug 7, 2017	OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an image file by using cv::imread.
CVE-2017-12598	Hig	8.8	< 3.3.1.11	3.3.1.11	Aug 7, 2017	OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case.
CVE-2017-12597	Hig	8.8	< 3.3.1.11	3.3.1.11	Aug 7, 2017	OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread.
CVE-2016-1517	Med	5.5	< 3.3.1.11	3.3.1.11	Apr 10, 2017	OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks.
CVE-2016-1516	Hig	8.8	< 3.3.1.11	3.3.1.11	Apr 10, 2017	OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code.

CVE-2017-12604HigAug 7, 2017
affected < 3.3.1.11fixed 3.3.1.11
OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the FillUniColor function in utils.cpp when reading an image file by using cv::imread.
CVE-2017-12603HigAug 7, 2017
affected < 3.3.1.11fixed 3.3.1.11
OpenCV (Open Source Computer Vision Library) through 3.3 has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 2-opencv-heapoverflow-fseek test case.
CVE-2017-12602HigAug 7, 2017
affected < 3.3.1.11fixed 3.3.1.11
OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (memory consumption) issue, as demonstrated by the 10-opencv-dos-memory-exhaust test case.
CVE-2017-12601HigAug 7, 2017
affected < 3.3.1.11fixed 3.3.1.11
OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case.
CVE-2017-12600HigAug 7, 2017
affected < 3.3.1.11fixed 3.3.1.11
OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (CPU consumption) issue, as demonstrated by the 11-opencv-dos-cpu-exhaust test case.
CVE-2017-12599HigAug 7, 2017
affected < 3.3.1.11fixed 3.3.1.11
OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an image file by using cv::imread.
CVE-2017-12598HigAug 7, 2017
affected < 3.3.1.11fixed 3.3.1.11
OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case.
CVE-2017-12597HigAug 7, 2017
affected < 3.3.1.11fixed 3.3.1.11
OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread.
CVE-2016-1517MedApr 10, 2017
affected < 3.3.1.11fixed 3.3.1.11
OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks.
CVE-2016-1516HigApr 10, 2017
affected < 3.3.1.11fixed 3.3.1.11
OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code.

Page 2 of 2