vulnerability

Ubuntu: (CVE-2017-1000450): opencv vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Jan 2, 2018	Nov 19, 2024	Aug 19, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Jan 2, 2018

Added

Nov 19, 2024

Modified

Aug 19, 2025

Description

In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.

Solution

ubuntu-upgrade-opencv

References

CVE-2017-100045
https://attackerkb.com/topics/CVE-2017-100045
CWE-190
URL-https://github.com/blendin/pocs/blob/master/opencv/0.OOB_Write_FillUniColor
URL-https://github.com/opencv/opencv/issues/9723
URL-https://www.cve.org/CVERecord?id=CVE-2017-1000450

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today