CVE-2019-14492 — Out-of-bounds Read in Opencv

CWE-125 — Out-of-bounds Read CWE-787 — Out-of-bounds Write CWE-400 — Uncontrolled Resource Consumption11 documents8 sources

Severity

7.5HIGHNVD

EPSS

0.5%

top 35.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opencv Opensuse Leap

Timeline

PublishedAug 1

Latest updateSep 28

Description

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶NVDopencv/opencv4.0.0 — 4.1.1+1

▶Debianopencv/opencv< 4.1.2+dfsg-3+3

▶NVDopensuse/leap15.1

🔴Vulnerability Details

OSV

opencv vulnerabilities↗2022-09-28

▶

GHSA

Out-of-bounds Read and Out-of-bounds Write in OpenCV↗2021-10-12

▶

OSV

Out-of-bounds Read and Out-of-bounds Write in OpenCV↗2021-10-12

▶

CVEList

CVE-2019-14492: An issue was discovered in OpenCV before 3↗2019-08-01

▶

OSV

CVE-2019-14492: An issue was discovered in OpenCV before 3↗2019-08-01

▶

📋Vendor Advisories

Ubuntu

OpenCV vulnerabilities↗2022-09-28

▶

Red Hat

opencv: out-of-bounds read in function HaarEvaluator::OptFeature::calc() in cascadedetect.hpp leading to DoS↗2019-07-23

▶

Debian

CVE-2019-14492: opencv - An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an...↗2019

▶

💬Community

Bugzilla

CVE-2019-14492 opencv: out of bounds read/write in function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp leads to DOS [fedora-all]↗2020-02-03

▶

Bugzilla

CVE-2019-14492 opencv: out-of-bounds read in function HaarEvaluator::OptFeature::calc() in cascadedetect.hpp leading to DoS↗2020-02-03

▶