CVE-2019-14491Out-of-bounds Read in Opencv

CWE-125Out-of-bounds ReadCWE-400Uncontrolled Resource ConsumptionCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer13 documents8 sources
Severity
8.2HIGHNVD
EPSS
0.3%
top 45.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Opencv
Timeline
PublishedAug 1
Latest updateSep 28

Description

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:HExploitability: 3.9 | Impact: 4.2

Affected Packages2 packages

NVDopencv/opencv4.0.04.1.1+1
Debianopencv/opencv< 4.1.2+dfsg-3+3

🔴Vulnerability Details

5
OSV
opencv vulnerabilities2022-09-28
GHSA
Out-of-bounds Read in OpenCV2021-10-12
OSV
Out-of-bounds Read in OpenCV2021-10-12
OSV
CVE-2019-14491: An issue was discovered in OpenCV before 32019-08-01
CVEList
CVE-2019-14491: An issue was discovered in OpenCV before 32019-08-01

📋Vendor Advisories

4
Ubuntu
OpenCV vulnerabilities2022-09-28
Red Hat
dnsmasq: Improper bounds checking leads to a buffer overread2019-08-09
Red Hat
opencv: out-of-bounds read in function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp leads to dos2019-08-01
Debian
CVE-2019-14491: opencv - An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an...2019

💬Community

3
Bugzilla
CVE-2019-14491 opencv: out-of-bounds read in function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp leads to dos [fedora-all]2019-09-13
Bugzilla
CVE-2019-14491 opencv: out-of-bounds read in function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp leads to dos2019-09-13
Bugzilla
CVE-2019-14513 dnsmasq: Improper bounds checking leads to a buffer overread2019-08-09
CVE-2019-14491 — Out-of-bounds Read in Opencv | cvebase