Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/516668?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/516668?format=api", "purl": "pkg:deb/debian/opencv@0.9.5-10", "type": "deb", "namespace": "debian", "name": "opencv", "version": "0.9.5-10", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4.5.1+dfsg-5", "latest_non_vulnerable_version": "4.5.1+dfsg-5", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41558?format=api", "vulnerability_id": "VCID-1bk1-pc9v-ykgv", "summary": "Double Free\nOpenCV has a double free issue that allows attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1516.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1516.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1516", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73707", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73744", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1516" }, { "reference_url": "https://arxiv.org/pdf/1701.04739.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://arxiv.org/pdf/1701.04739.pdf" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1516" }, { "reference_url": "https://github.com/opencv/opencv/issues/5956", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/5956" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443528", "reference_id": "1443528", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443528" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872043", "reference_id": "872043", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872043" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1516", "reference_id": "CVE-2016-1516", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1516" }, { "reference_url": "https://github.com/advisories/GHSA-cvhw-2593-5j2q", "reference_id": "GHSA-cvhw-2593-5j2q", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-cvhw-2593-5j2q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2016-1516", "GHSA-cvhw-2593-5j2q" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1bk1-pc9v-ykgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41566?format=api", "vulnerability_id": "VCID-1qhy-7pnz-aqga", "summary": "Out-of-bounds Write\nAn issue was discovered in OpenCV There is an out-of-bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14492.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64353", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64396", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14492" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/opencv/opencv/compare/33b765d...4a7ca5a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/compare/33b765d...4a7ca5a" }, { "reference_url": "https://github.com/opencv/opencv/compare/371bba8...ddbd10c", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/compare/371bba8...ddbd10c" }, { "reference_url": "https://github.com/opencv/opencv/issues/15124", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/15124" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797445", "reference_id": "1797445", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797445" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14492", "reference_id": "CVE-2019-14492", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14492" }, { "reference_url": "https://github.com/advisories/GHSA-fw99-f933-rgh8", "reference_id": "GHSA-fw99-f933-rgh8", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fw99-f933-rgh8" }, { "reference_url": "https://usn.ubuntu.com/USN-4818-1/", "reference_id": "USN-USN-4818-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4818-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/517067?format=api", "purl": "pkg:deb/debian/opencv@4.5.1%2Bdfsg-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@4.5.1%252Bdfsg-5" } ], "aliases": [ "CVE-2019-14492", "GHSA-fw99-f933-rgh8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1qhy-7pnz-aqga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41550?format=api", "vulnerability_id": "VCID-21n5-7ukh-gyfr", "summary": "NULL Pointer Dereference\nAn issue was discovered in OpenCV There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14493.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14493.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37666", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37574", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14493" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/opencv/opencv/compare/371bba8...ddbd10c", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/compare/371bba8...ddbd10c" }, { "reference_url": "https://github.com/opencv/opencv/issues/15127", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/15127" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797450", "reference_id": "1797450", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797450" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14493", "reference_id": "CVE-2019-14493", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14493" }, { "reference_url": "https://github.com/advisories/GHSA-3448-vrgh-85xr", "reference_id": "GHSA-3448-vrgh-85xr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-3448-vrgh-85xr" }, { "reference_url": "https://usn.ubuntu.com/7247-1/", "reference_id": "USN-7247-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7247-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4818-1/", "reference_id": "USN-USN-4818-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4818-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/517067?format=api", "purl": "pkg:deb/debian/opencv@4.5.1%2Bdfsg-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@4.5.1%252Bdfsg-5" } ], "aliases": [ "CVE-2019-14493", "GHSA-3448-vrgh-85xr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-21n5-7ukh-gyfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41571?format=api", "vulnerability_id": "VCID-22su-dw4m-pfe6", "summary": "Denial of Service in OpenCV\nOpenCV (Open Source Computer Vision Library) has a denial of service (CPU consumption) issue, as demonstrated by the test case.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12600.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12600.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12600", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0077", "scoring_system": "epss", "scoring_elements": "0.73915", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0077", "scoring_system": "epss", "scoring_elements": "0.73879", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12600" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12600", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12600" }, { "reference_url": "https://github.com/opencv/opencv/issues/9311", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9311" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://github.com/opencv/opencv-python/releases/tag/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python/releases/tag/11" }, { "reference_url": "https://github.com/opencv/opencv-python/releases/tag/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python/releases/tag/9" }, { "reference_url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md" }, { "reference_url": "https://security.gentoo.org/glsa/201712-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201712-02" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483895", "reference_id": "1483895", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483895" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872045", "reference_id": "872045", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872045" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12600", "reference_id": "CVE-2017-12600", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12600" }, { "reference_url": "https://github.com/advisories/GHSA-fr58-2xhv-qp3w", "reference_id": "GHSA-fr58-2xhv-qp3w", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fr58-2xhv-qp3w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-12600", "GHSA-fr58-2xhv-qp3w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-22su-dw4m-pfe6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41554?format=api", "vulnerability_id": "VCID-25vm-cytf-bqb1", "summary": "Out-of-bounds Write\nAn exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a specially crafted file to trigger this vulnerability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5063.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5063.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5063", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05482", "scoring_system": "epss", "scoring_elements": "0.90386", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.05482", "scoring_system": "epss", "scoring_elements": "0.90371", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5063" }, { "reference_url": "https://github.com/opencv/opencv/issues/16951", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/16951" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://github.com/opencv/opencv-python/releases/tag/25", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python/releases/tag/25" }, { "reference_url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0852", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0852" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790055", "reference_id": "1790055", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790055" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948180", "reference_id": "948180", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948180" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5063", "reference_id": "CVE-2019-5063", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5063" }, { "reference_url": "https://github.com/advisories/GHSA-m6vm-8g8v-xfjh", "reference_id": "GHSA-m6vm-8g8v-xfjh", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-m6vm-8g8v-xfjh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/517067?format=api", "purl": "pkg:deb/debian/opencv@4.5.1%2Bdfsg-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@4.5.1%252Bdfsg-5" } ], "aliases": [ "CVE-2019-5063", "GHSA-m6vm-8g8v-xfjh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-25vm-cytf-bqb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41581?format=api", "vulnerability_id": "VCID-2dwz-2v5y-4qeb", "summary": "Integer Overflow or Wraparound\nIn opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12864.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12864.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12864", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0167", "scoring_system": "epss", "scoring_elements": "0.8246", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0167", "scoring_system": "epss", "scoring_elements": "0.82489", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12864" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12864" }, { "reference_url": "https://github.com/opencv/opencv/issues/9372", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9372" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://security.gentoo.org/glsa/201712-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201712-02" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483698", "reference_id": "1483698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483698" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875345", "reference_id": "875345", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875345" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12864", "reference_id": "CVE-2017-12864", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12864" }, { "reference_url": "https://github.com/advisories/GHSA-267x-w5hx-8hjr", "reference_id": "GHSA-267x-w5hx-8hjr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-267x-w5hx-8hjr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-12864", "GHSA-267x-w5hx-8hjr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2dwz-2v5y-4qeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41552?format=api", "vulnerability_id": "VCID-3zc6-3229-wfcc", "summary": "Divide By Zero\nAn issue was discovered in OpenCV There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15939.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15939.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15939", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.72882", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.72919", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15939" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/OpenCV/opencv/issues/15287", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/OpenCV/opencv/issues/15287" }, { "reference_url": "https://github.com/opencv/opencv/pull/15382", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/15382" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764731", "reference_id": "1764731", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764731" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15939", "reference_id": "CVE-2019-15939", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15939" }, { "reference_url": "https://github.com/advisories/GHSA-hxfw-jm98-v4mq", "reference_id": "GHSA-hxfw-jm98-v4mq", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-hxfw-jm98-v4mq" }, { "reference_url": "https://usn.ubuntu.com/USN-4818-1/", "reference_id": "USN-USN-4818-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4818-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/517067?format=api", "purl": "pkg:deb/debian/opencv@4.5.1%2Bdfsg-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@4.5.1%252Bdfsg-5" } ], "aliases": [ "CVE-2019-15939", "GHSA-hxfw-jm98-v4mq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3zc6-3229-wfcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41580?format=api", "vulnerability_id": "VCID-4t6y-22xf-3ueq", "summary": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')\nOpenCV (Open Source Computer Vision Library) has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12601.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12601.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12601", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72617", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72577", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12601" }, { "reference_url": "https://github.com/opencv/opencv/issues/9309", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9309" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://github.com/opencv/opencv-python/releases/tag/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python/releases/tag/11" }, { "reference_url": "https://github.com/opencv/opencv-python/releases/tag/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python/releases/tag/9" }, { "reference_url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://security.gentoo.org/glsa/201712-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201712-02" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483896", "reference_id": "1483896", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483896" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044", "reference_id": "872044", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12601", "reference_id": "CVE-2017-12601", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12601" }, { "reference_url": "https://github.com/advisories/GHSA-w96g-3p64-63wr", "reference_id": "GHSA-w96g-3p64-63wr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-w96g-3p64-63wr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-12601", "GHSA-w96g-3p64-63wr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4t6y-22xf-3ueq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41553?format=api", "vulnerability_id": "VCID-7r2a-ega4-cbbh", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nOpenCV has a Buffer Overflow in the cv::PxMDecoder::readData function in grfmt_pxm.cpp, because an incorrect size value is used.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17760.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-17760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01536", "scoring_system": "epss", "scoring_elements": "0.81701", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01536", "scoring_system": "epss", "scoring_elements": "0.8167", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-17760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17760" }, { "reference_url": "https://github.com/opencv/opencv/issues/10351", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/10351" }, { "reference_url": "https://github.com/opencv/opencv/pull/10369/commits/7bbe1a53cfc097b82b1589f7915a2120de39274c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/10369/commits/7bbe1a53cfc097b82b1589f7915a2120de39274c" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "http://www.securityfocus.com/bid/102974", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/102974" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530747", "reference_id": "1530747", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530747" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885843", "reference_id": "885843", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885843" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17760", "reference_id": "CVE-2017-17760", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17760" }, { "reference_url": "https://github.com/advisories/GHSA-jcxv-2j3h-mg59", "reference_id": "GHSA-jcxv-2j3h-mg59", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-jcxv-2j3h-mg59" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-17760", "GHSA-jcxv-2j3h-mg59" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7r2a-ega4-cbbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41578?format=api", "vulnerability_id": "VCID-8uwy-v2wq-n3cy", "summary": "Out-of-bounds Read\nIn OpenCV, a heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt_hdr.cpp.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18009.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18009.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.46037", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45968", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18009" }, { "reference_url": "https://github.com/opencv/opencv/issues/10479", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/10479" }, { "reference_url": "https://github.com/opencv/opencv/pull/10480/commits/4ca89db22dea962690f31c1781bce5937ee91837", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/10480/commits/4ca89db22dea962690f31c1781bce5937ee91837" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "http://www.securityfocus.com/bid/106945", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106945" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531268", "reference_id": "1531268", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531268" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924884", "reference_id": "924884", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924884" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18009", "reference_id": "CVE-2017-18009", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18009" }, { "reference_url": "https://github.com/advisories/GHSA-83rh-hx5x-q9p5", "reference_id": "GHSA-83rh-hx5x-q9p5", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-83rh-hx5x-q9p5" }, { "reference_url": "https://usn.ubuntu.com/USN-4818-1/", "reference_id": "USN-USN-4818-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4818-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/517067?format=api", "purl": "pkg:deb/debian/opencv@4.5.1%2Bdfsg-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@4.5.1%252Bdfsg-5" } ], "aliases": [ "CVE-2017-18009", "GHSA-83rh-hx5x-q9p5" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8uwy-v2wq-n3cy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41568?format=api", "vulnerability_id": "VCID-b7m4-s1rg-wqe7", "summary": "Out-of-bounds Read\nOpenCV (Open Source Computer Vision Library) has an out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an image file by using cv::imread.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12599.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12599.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12599", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65562", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.6551", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12599" }, { "reference_url": "https://github.com/opencv/opencv/issues/9309", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9309" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://github.com/opencv/opencv-python/releases/tag/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python/releases/tag/11" }, { "reference_url": "https://github.com/opencv/opencv-python/releases/tag/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python/releases/tag/9" }, { "reference_url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://security.gentoo.org/glsa/201712-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201712-02" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483894", "reference_id": "1483894", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483894" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044", "reference_id": "872044", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12599", "reference_id": "CVE-2017-12599", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12599" }, { "reference_url": "https://github.com/advisories/GHSA-fvq6-392h-6mjj", "reference_id": "GHSA-fvq6-392h-6mjj", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fvq6-392h-6mjj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-12599", "GHSA-fvq6-392h-6mjj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b7m4-s1rg-wqe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41565?format=api", "vulnerability_id": "VCID-dv7w-p358-1qda", "summary": "Out-of-bounds Read\nAn issue was discovered in OpenCV There is an out-of-bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14491.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14491.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14491", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53899", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53842", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14491" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/opencv/opencv/compare/33b765d...4a7ca5a", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/compare/33b765d...4a7ca5a" }, { "reference_url": "https://github.com/opencv/opencv/compare/371bba8...ddbd10c", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/compare/371bba8...ddbd10c" }, { "reference_url": "https://github.com/opencv/opencv/issues/15125", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/15125" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPFLN6QAX6SUA4XR4NMKKXX26H3TYCVQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPFLN6QAX6SUA4XR4NMKKXX26H3TYCVQ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPFLN6QAX6SUA4XR4NMKKXX26H3TYCVQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPFLN6QAX6SUA4XR4NMKKXX26H3TYCVQ/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752025", "reference_id": "1752025", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752025" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14491", "reference_id": "CVE-2019-14491", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14491" }, { "reference_url": "https://github.com/advisories/GHSA-fm39-cw8h-3p63", "reference_id": "GHSA-fm39-cw8h-3p63", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fm39-cw8h-3p63" }, { "reference_url": "https://usn.ubuntu.com/USN-4818-1/", "reference_id": "USN-USN-4818-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4818-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/517067?format=api", "purl": "pkg:deb/debian/opencv@4.5.1%2Bdfsg-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@4.5.1%252Bdfsg-5" } ], "aliases": [ "CVE-2019-14491", "GHSA-fm39-cw8h-3p63" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dv7w-p358-1qda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41575?format=api", "vulnerability_id": "VCID-dw95-fpkf-pfew", "summary": "Improper Input Validation\nOpenCV allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1517.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1517.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1517", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62597", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62552", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1517" }, { "reference_url": "https://arxiv.org/pdf/1701.04739.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://arxiv.org/pdf/1701.04739.pdf" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1517" }, { "reference_url": "https://github.com/opencv/opencv/issues/5956", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/5956" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443531", "reference_id": "1443531", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443531" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872043", "reference_id": "872043", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872043" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1517", "reference_id": "CVE-2016-1517", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1517" }, { "reference_url": "https://github.com/advisories/GHSA-fffj-9qwg-qmh5", "reference_id": "GHSA-fffj-9qwg-qmh5", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fffj-9qwg-qmh5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2016-1517", "GHSA-fffj-9qwg-qmh5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dw95-fpkf-pfew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41573?format=api", "vulnerability_id": "VCID-e6gy-hka8-9bae", "summary": "Out-of-bounds Write\nOpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the FillColorRow8 function in utils.cpp when reading an image file by using cv::imread.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12605.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12605.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.72083", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.72124", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12605" }, { "reference_url": "https://github.com/opencv/opencv/issues/9309", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9309" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://security.gentoo.org/glsa/201712-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201712-02" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483900", "reference_id": "1483900", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483900" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044", "reference_id": "872044", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12605", "reference_id": "CVE-2017-12605", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12605" }, { "reference_url": "https://github.com/advisories/GHSA-rqxg-xvcq-3v2f", "reference_id": "GHSA-rqxg-xvcq-3v2f", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rqxg-xvcq-3v2f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-12605", "GHSA-rqxg-xvcq-3v2f" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6gy-hka8-9bae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41557?format=api", "vulnerability_id": "VCID-fjy7-r2wm-n3b4", "summary": "Out-of-bounds Read\nAn out-of-bounds read was discovered in OpenCV Specifically, variable coarsest_scale is assumed to be greater than or equal to finest_scale within the calc()/ocl_calc() functions in dis_flow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds read of the heap-allocated arrays Ux and Uy.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19624.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19624.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19672", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19596", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/opencv/opencv/commit/d1615ba11a93062b1429fce9f0f638d1572d3418", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/commit/d1615ba11a93062b1429fce9f0f638d1572d3418" }, { "reference_url": "https://github.com/opencv/opencv/issues/14554", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/14554" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://github.com/opencv/opencv-python/releases/tag/25", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python/releases/tag/25" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780543", "reference_id": "1780543", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780543" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2019-19624", "reference_id": "CVE-2019-19624", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/cve-2019-19624" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19624", "reference_id": "CVE-2019-19624", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19624" }, { "reference_url": "https://github.com/advisories/GHSA-jggw-2q6g-c3m6", "reference_id": "GHSA-jggw-2q6g-c3m6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-jggw-2q6g-c3m6" }, { "reference_url": "https://usn.ubuntu.com/7247-1/", "reference_id": "USN-7247-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7247-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/517067?format=api", "purl": "pkg:deb/debian/opencv@4.5.1%2Bdfsg-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@4.5.1%252Bdfsg-5" } ], "aliases": [ "CVE-2019-19624", "GHSA-jggw-2q6g-c3m6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fjy7-r2wm-n3b4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41556?format=api", "vulnerability_id": "VCID-j87y-pgt8-xbat", "summary": "Reachable Assertion\nIn OpenCV, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5269.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5269.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5269", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00479", "scoring_system": "epss", "scoring_elements": "0.65405", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00479", "scoring_system": "epss", "scoring_elements": "0.65354", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5269" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5269", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5269" }, { "reference_url": "https://github.com/opencv/opencv/issues/10540", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/10540" }, { "reference_url": "https://github.com/opencv/opencv/pull/10563", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/10563" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00019.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00019.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "http://www.securityfocus.com/bid/106945", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106945" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532551", "reference_id": "1532551", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532551" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886675", "reference_id": "886675", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886675" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5269", "reference_id": "CVE-2018-5269", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5269" }, { "reference_url": "https://github.com/advisories/GHSA-89rj-5ggj-3p9p", "reference_id": "GHSA-89rj-5ggj-3p9p", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-89rj-5ggj-3p9p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2018-5269", "GHSA-89rj-5ggj-3p9p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j87y-pgt8-xbat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78245?format=api", "vulnerability_id": "VCID-jwwm-5zrf-a3af", "summary": "opencv: OpenCV use after free", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53644.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53644.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53644", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45888", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53644" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53644", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53644" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381763", "reference_id": "2381763", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381763" }, { "reference_url": "https://github.com/opencv/opencv/issues/27271", "reference_id": "27271", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-17T20:23:04Z/" } ], "url": "https://github.com/opencv/opencv/issues/27271" }, { "reference_url": "https://github.com/opencv/opencv/releases/tag/4.12.0", "reference_id": "4.12.0", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-17T20:23:04Z/" } ], "url": "https://github.com/opencv/opencv/releases/tag/4.12.0" }, { "reference_url": "https://github.com/opencv/opencv/commit/a39db41390de546d18962ee1278bd6dbb715f466", "reference_id": "a39db41390de546d18962ee1278bd6dbb715f466", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-17T20:23:04Z/" } ], "url": "https://github.com/opencv/opencv/commit/a39db41390de546d18962ee1278bd6dbb715f466" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2025-057_OpenCV/", "reference_id": "GHSL-2025-057_OpenCV", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-17T20:23:04Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2025-057_OpenCV/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2025-53644" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jwwm-5zrf-a3af" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41559?format=api", "vulnerability_id": "VCID-jypn-sttp-tkgm", "summary": "Out-of-bounds Write\nAn exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5064.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5064.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5064", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02639", "scoring_system": "epss", "scoring_elements": "0.86014", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02639", "scoring_system": "epss", "scoring_elements": "0.85992", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5064" }, { "reference_url": "https://github.com/opencv/opencv/issues/15857", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/15857" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://github.com/opencv/opencv-python/releases/tag/32", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python/releases/tag/32" }, { "reference_url": "https://github.com/opencv/opencv/releases/tag/4.2.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/releases/tag/4.2.0" }, { "reference_url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0853", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0853" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790059", "reference_id": "1790059", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790059" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948180", "reference_id": "948180", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948180" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5064", "reference_id": "CVE-2019-5064", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5064" }, { "reference_url": "https://github.com/advisories/GHSA-q799-q27x-vp7w", "reference_id": "GHSA-q799-q27x-vp7w", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-q799-q27x-vp7w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/517067?format=api", "purl": "pkg:deb/debian/opencv@4.5.1%2Bdfsg-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@4.5.1%252Bdfsg-5" } ], "aliases": [ "CVE-2019-5064", "GHSA-q799-q27x-vp7w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jypn-sttp-tkgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41585?format=api", "vulnerability_id": "VCID-jzve-9vvd-mued", "summary": "Out-of-bounds Write\nOpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the function FillColorRow4 in utils.cpp when reading an image file by using cv::imread.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12606.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12606.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12606", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0083", "scoring_system": "epss", "scoring_elements": "0.74897", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0083", "scoring_system": "epss", "scoring_elements": "0.74926", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12606" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12606", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12606" }, { "reference_url": "https://github.com/opencv/opencv/issues/9309", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9309" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://security.gentoo.org/glsa/201712-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201712-02" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483891", "reference_id": "1483891", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483891" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044", "reference_id": "872044", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12606", "reference_id": "CVE-2017-12606", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12606" }, { "reference_url": "https://github.com/advisories/GHSA-vc29-rj92-gc7j", "reference_id": "GHSA-vc29-rj92-gc7j", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-vc29-rj92-gc7j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-12606", "GHSA-vc29-rj92-gc7j" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jzve-9vvd-mued" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41561?format=api", "vulnerability_id": "VCID-m3rr-ppwn-5kd8", "summary": "Out-of-bounds Write\nOpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the FillUniColor function in utils.cpp when reading an image file by using cv::imread.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12604.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12604.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12604", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.72083", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.72124", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12604" }, { "reference_url": "https://github.com/opencv/opencv/issues/9309", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9309" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://security.gentoo.org/glsa/201712-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201712-02" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483899", "reference_id": "1483899", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483899" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044", "reference_id": "872044", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12604", "reference_id": "CVE-2017-12604", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12604" }, { "reference_url": "https://github.com/advisories/GHSA-c7gp-2pch-qh2v", "reference_id": "GHSA-c7gp-2pch-qh2v", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-c7gp-2pch-qh2v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-12604", "GHSA-c7gp-2pch-qh2v" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m3rr-ppwn-5kd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41555?format=api", "vulnerability_id": "VCID-qz2a-2d4y-y7hq", "summary": "Out-of-bounds Write\nOpenCV (Open Source Computer Vision Library) has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 2-opencv-heapoverflow-fseek test case.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12603.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12603.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.72083", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.72124", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12603" }, { "reference_url": "https://github.com/opencv/opencv/issues/9309", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9309" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://security.gentoo.org/glsa/201712-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201712-02" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483898", "reference_id": "1483898", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483898" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044", "reference_id": "872044", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12603", "reference_id": "CVE-2017-12603", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12603" }, { "reference_url": "https://github.com/advisories/GHSA-6v6p-p97v-g2p7", "reference_id": "GHSA-6v6p-p97v-g2p7", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-6v6p-p97v-g2p7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-12603", "GHSA-6v6p-p97v-g2p7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qz2a-2d4y-y7hq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41551?format=api", "vulnerability_id": "VCID-s11e-t19f-kfe4", "summary": "Out-of-bounds Read\nOpenCV (Open Source Computer Vision Library) has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12598.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12598.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12598", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65562", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.6551", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12598" }, { "reference_url": "https://github.com/opencv/opencv/issues/9309", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9309" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://github.com/opencv/opencv-python/releases/tag/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python/releases/tag/11" }, { "reference_url": "https://github.com/opencv/opencv-python/releases/tag/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python/releases/tag/9" }, { "reference_url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://security.gentoo.org/glsa/201712-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201712-02" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483893", "reference_id": "1483893", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483893" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044", "reference_id": "872044", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12598", "reference_id": "CVE-2017-12598", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12598" }, { "reference_url": "https://github.com/advisories/GHSA-33h2-69j3-r336", "reference_id": "GHSA-33h2-69j3-r336", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-33h2-69j3-r336" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-12598", "GHSA-33h2-69j3-r336" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s11e-t19f-kfe4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41587?format=api", "vulnerability_id": "VCID-syem-z8g2-n7h2", "summary": "Out-of-bounds Write\nOpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12597.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12597.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12597", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.71368", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.71323", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12597" }, { "reference_url": "https://github.com/opencv/opencv/issues/9309", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9309" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://github.com/opencv/opencv-python/releases/tag/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python/releases/tag/11" }, { "reference_url": "https://github.com/opencv/opencv-python/releases/tag/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python/releases/tag/9" }, { "reference_url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://security.gentoo.org/glsa/201712-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201712-02" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483892", "reference_id": "1483892", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483892" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044", "reference_id": "872044", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872044" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12597", "reference_id": "CVE-2017-12597", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12597" }, { "reference_url": "https://github.com/advisories/GHSA-8w3x-457r-wg53", "reference_id": "GHSA-8w3x-457r-wg53", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-8w3x-457r-wg53" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-12597", "GHSA-8w3x-457r-wg53" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-syem-z8g2-n7h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41562?format=api", "vulnerability_id": "VCID-ttbc-7ys4-wfdw", "summary": "Integer Overflow or Wraparound\nIn opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12863.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12863.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12863", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0167", "scoring_system": "epss", "scoring_elements": "0.8246", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0167", "scoring_system": "epss", "scoring_elements": "0.82489", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12863" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12863", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12863" }, { "reference_url": "https://github.com/opencv/opencv/issues/9371", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9371" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://security.gentoo.org/glsa/201712-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201712-02" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483696", "reference_id": "1483696", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483696" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875344", "reference_id": "875344", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875344" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12863", "reference_id": "CVE-2017-12863", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12863" }, { "reference_url": "https://github.com/advisories/GHSA-wq8f-wvqp-xvvm", "reference_id": "GHSA-wq8f-wvqp-xvvm", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-wq8f-wvqp-xvvm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-12863", "GHSA-wq8f-wvqp-xvvm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ttbc-7ys4-wfdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41591?format=api", "vulnerability_id": "VCID-vtbm-x7bk-tqgv", "summary": "Out-of-bounds Write\nIn modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12862.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12862.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12862", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02079", "scoring_system": "epss", "scoring_elements": "0.84315", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02079", "scoring_system": "epss", "scoring_elements": "0.84291", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12862" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12862", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12862" }, { "reference_url": "https://github.com/opencv/opencv/issues/9370", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9370" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://security.gentoo.org/glsa/201712-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201712-02" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483695", "reference_id": "1483695", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483695" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875342", "reference_id": "875342", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875342" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12862", "reference_id": "CVE-2017-12862", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12862" }, { "reference_url": "https://github.com/advisories/GHSA-5rpc-gwh9-q9fg", "reference_id": "GHSA-5rpc-gwh9-q9fg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5rpc-gwh9-q9fg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-12862", "GHSA-5rpc-gwh9-q9fg" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vtbm-x7bk-tqgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41586?format=api", "vulnerability_id": "VCID-w461-q9h5-pfdg", "summary": "Denial of Service in OpenCV\nOpenCV (Open Source Computer Vision Library) has a denial of service (memory consumption) issue, as demonstrated by the test case.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12602.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12602.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0077", "scoring_system": "epss", "scoring_elements": "0.73915", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0077", "scoring_system": "epss", "scoring_elements": "0.73879", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12602" }, { "reference_url": "https://github.com/opencv/opencv/issues/9311", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9311" }, { "reference_url": "https://github.com/opencv/opencv/pull/9376", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9376" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/xiaoqx/pocs/blob/master/opencv.md" }, { "reference_url": "https://security.gentoo.org/glsa/201712-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201712-02" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483897", "reference_id": "1483897", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483897" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872045", "reference_id": "872045", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872045" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12602", "reference_id": "CVE-2017-12602", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12602" }, { "reference_url": "https://github.com/advisories/GHSA-pqjj-6f5q-gqph", "reference_id": "GHSA-pqjj-6f5q-gqph", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-pqjj-6f5q-gqph" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-12602", "GHSA-pqjj-6f5q-gqph" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w461-q9h5-pfdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41564?format=api", "vulnerability_id": "VCID-yjd6-1et5-vqer", "summary": "Out-of-bounds Write\nIn OpenCV, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmt_jpeg2000.cpp when parsing a crafted image file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5268.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5268.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5268", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00336", "scoring_system": "epss", "scoring_elements": "0.56735", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00336", "scoring_system": "epss", "scoring_elements": "0.56683", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5268" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5268" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/opencv/opencv/issues/10541", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/10541" }, { "reference_url": "https://github.com/opencv/opencv/pull/10566/commits/435a3e337bd9d4e11af61cf8b8afca067bf1a8aa", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/10566/commits/435a3e337bd9d4e11af61cf8b8afca067bf1a8aa" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00019.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00019.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "http://www.securityfocus.com/bid/106945", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106945" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532552", "reference_id": "1532552", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532552" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886674", "reference_id": "886674", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886674" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5268", "reference_id": "CVE-2018-5268", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5268" }, { "reference_url": "https://github.com/advisories/GHSA-9g8h-pjm4-q92p", "reference_id": "GHSA-9g8h-pjm4-q92p", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-9g8h-pjm4-q92p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2018-5268", "GHSA-9g8h-pjm4-q92p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yjd6-1et5-vqer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41583?format=api", "vulnerability_id": "VCID-yjsn-xjss-wqe3", "summary": "Integer Overflow or Wraparound\nIn opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000450.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000450.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03513", "scoring_system": "epss", "scoring_elements": "0.87864", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03513", "scoring_system": "epss", "scoring_elements": "0.87842", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000450" }, { "reference_url": "https://github.com/blendin/pocs/blob/master/opencv/0.OOB_Write_FillUniColor", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/blendin/pocs/blob/master/opencv/0.OOB_Write_FillUniColor" }, { "reference_url": "https://github.com/opencv/opencv/issues/9723", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/issues/9723" }, { "reference_url": "https://github.com/opencv/opencv/pull/9726/commits/c58152d94ba878b2d7d76bcac59146312199b9eb", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv/pull/9726/commits/c58152d94ba878b2d7d76bcac59146312199b9eb" }, { "reference_url": "https://github.com/opencv/opencv-python", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencv/opencv-python" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531610", "reference_id": "1531610", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531610" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886282", "reference_id": "886282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886282" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000450", "reference_id": "CVE-2017-1000450", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000450" }, { "reference_url": "https://github.com/advisories/GHSA-m43c-649m-pm48", "reference_id": "GHSA-m43c-649m-pm48", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-m43c-649m-pm48" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516676?format=api", "purl": "pkg:deb/debian/opencv@3.2.0%2Bdfsg-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qhy-7pnz-aqga" }, { "vulnerability": "VCID-21n5-7ukh-gyfr" }, { "vulnerability": "VCID-25vm-cytf-bqb1" }, { "vulnerability": "VCID-3zc6-3229-wfcc" }, { "vulnerability": "VCID-8uwy-v2wq-n3cy" }, { "vulnerability": "VCID-dv7w-p358-1qda" }, { "vulnerability": "VCID-fjy7-r2wm-n3b4" }, { "vulnerability": "VCID-jypn-sttp-tkgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6" } ], "aliases": [ "CVE-2017-1000450", "GHSA-m43c-649m-pm48" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yjsn-xjss-wqe3" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@0.9.5-10" }