Debian Opencv vulnerabilities

CVE-2017-12598 [HIGH] CVE-2017-12598: opencv - OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds re... OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case. Scope: local bookworm: resolved (fixed in 3.2.0+dfsg-6) bullseye: resolved (fixed in 3.2.0

CVE-2017-12863 [HIGH] CVE-2017-12863: opencv - In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has... In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. Scope: local bookworm: resolved (fixed in 3.2.0+dfsg-6) bullseye: resolved (fixed in 3.2.0+dfsg-6) forky: resolved (fixe

CVE-2017-12602 [HIGH] CVE-2017-12602: opencv - OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service... OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (memory consumption) issue, as demonstrated by the 10-opencv-dos-memory-exhaust test case. Scope: local bookworm: resolved (fixed in 3.2.0+dfsg-6) bullseye: resolved (fixed in 3.2.0+dfsg-6) forky: resolved (fixed in 3.2.0+dfsg-6) sid: resolved (fixed in 3.2.0+dfsg-6) trixie: resolved (fi

CVE-2017-12605 [HIGH] CVE-2017-12605: opencv - OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds wr... OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the FillColorRow8 function in utils.cpp when reading an image file by using cv::imread. Scope: local bookworm: resolved (fixed in 3.2.0+dfsg-6) bullseye: resolved (fixed in 3.2.0+dfsg-6) forky: resolved (fixed in 3.2.0+dfsg-6) sid: resolved (fixed in 3.2.0+dfsg-6) trixie: res

CVE-2017-12600 [HIGH] CVE-2017-12600: opencv - OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service... OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (CPU consumption) issue, as demonstrated by the 11-opencv-dos-cpu-exhaust test case. Scope: local bookworm: resolved (fixed in 3.2.0+dfsg-6) bullseye: resolved (fixed in 3.2.0+dfsg-6) forky: resolved (fixed in 3.2.0+dfsg-6) sid: resolved (fixed in 3.2.0+dfsg-6) trixie: resolved (fixed in

CVE-2017-1000450 [HIGH] CVE-2017-1000450: opencv - In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGra... In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. Scope: local bookworm: resolved (fixed in 3.2.0+dfsg-6) bullseye: resolved (fixed in 3.2.0+dfs

CVE-2017-12606 [HIGH] CVE-2017-12606: opencv - OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds wr... OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow4 in utils.cpp when reading an image file by using cv::imread. Scope: local bookworm: resolved (fixed in 3.2.0+dfsg-6) bullseye: resolved (fixed in 3.2.0+dfsg-6) forky: resolved (fixed in 3.2.0+dfsg-6) sid: resolved (fixed in 3.2.0+dfsg-6) trixie: res

CVE-2017-17760 [MEDIUM] CVE-2017-17760: opencv - OpenCV 3.3.1 has a Buffer Overflow in the cv::PxMDecoder::readData function in g... OpenCV 3.3.1 has a Buffer Overflow in the cv::PxMDecoder::readData function in grfmt_pxm.cpp, because an incorrect size value is used. Scope: local bookworm: resolved (fixed in 3.2.0+dfsg-6) bullseye: resolved (fixed in 3.2.0+dfsg-6) forky: resolved (fixed in 3.2.0+dfsg-6) sid: resolved (fixed in 3.2.0+dfsg-6) trixie: resolved (fixed in 3.2.0+dfsg-6)

CVE-2017-14136 [HIGH] CVE-2017-14136: opencv - OpenCV (Open Source Computer Vision Library) 3.3 has an out-of-bounds write erro... OpenCV (Open Source Computer Vision Library) 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12597. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2017-18009 [HIGH] CVE-2017-18009: opencv - In OpenCV 3.3.1, a heap-based buffer over-read exists in the function cv::HdrDec... In OpenCV 3.3.1, a heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt_hdr.cpp. Scope: local bookworm: resolved (fixed in 4.1.2+dfsg-3) bullseye: resolved (fixed in 4.1.2+dfsg-3) forky: resolved (fixed in 4.1.2+dfsg-3) sid: resolved (fixed in 4.1.2+dfsg-3) trixie: resolved (fixed in 4.1.2+dfsg-3)

CVE-2016-1516 [HIGH] CVE-2016-1516: opencv - OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary ... OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code. Scope: local bookworm: resolved (fixed in 3.2.0+dfsg-6) bullseye: resolved (fixed in 3.2.0+dfsg-6) forky: resolved (fixed in 3.2.0+dfsg-6) sid: resolved (fixed in 3.2.0+dfsg-6) trixie: resolved (fixed in 3.2.0+dfsg-6)

CVE-2016-1517 [MEDIUM] CVE-2016-1517: opencv - OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via... OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks. Scope: local bookworm: resolved (fixed in 3.2.0+dfsg-6) bullseye: resolved (fixed in 3.2.0+dfsg-6) forky: resolved (fixed in 3.2.0+dfsg-6) sid: resolved (fixed in 3.2.0+dfsg-6) trixie: resolved (fixed in 3.2.0+dfsg-6)