Rapid7

vulnerability

SUSE: CVE-2017-1000450: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Jan 2, 2018
Added
May 29, 2018
Modified
May 7, 2019

Description

In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.

Solutions

suse-upgrade-libopencv-qt56_3suse-upgrade-libopencv-qt56_3-debuginfosuse-upgrade-libopencv3_1suse-upgrade-libopencv3_1-debuginfosuse-upgrade-opencvsuse-upgrade-opencv-debuginfosuse-upgrade-opencv-debugsourcesuse-upgrade-opencv-develsuse-upgrade-opencv-docsuse-upgrade-opencv-qt5suse-upgrade-opencv-qt5-debuginfosuse-upgrade-opencv-qt5-debugsourcesuse-upgrade-opencv-qt5-develsuse-upgrade-opencv-qt5-docsuse-upgrade-python-opencvsuse-upgrade-python-opencv-debuginfosuse-upgrade-python-opencv-qt5suse-upgrade-python-opencv-qt5-debuginfosuse-upgrade-python3-opencvsuse-upgrade-python3-opencv-debuginfosuse-upgrade-python3-opencv-qt5suse-upgrade-python3-opencv-qt5-debuginfo

References

Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report