CVE-2018-11805

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-11805
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-11805.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-11805
Downstream
Related
Published
2019-12-12T23:15:11.947Z
Modified
2026-02-15T07:29:18.411952Z
Severity
  • 6.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update channels or 3rd party .cf files from trusted places.

References

Affected packages

Git / github.com/opencv/opencv

Affected ranges

Type
GIT
Repo
https://github.com/opencv/opencv
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
eff0f9d3f8ef2474fd8401d6727441388b63ad51

Affected versions

2.*
2.2
2.4.0
2.4.1
2.4.10
2.4.10.1
2.4.10.2
2.4.10.3
2.4.10.4
2.4.11
2.4.12
2.4.12.1
2.4.12.2
2.4.12.3
2.4.13
2.4.13.1
2.4.2
2.4.3
2.4.3-rc
2.4.3.1
2.4.3.2
2.4.4
2.4.4-beta
2.4.5
2.4.6
2.4.6.1
2.4.6.2
2.4.6.2-rc1
2.4.7
2.4.7-rc1
2.4.7.1
2.4.7.2
2.4.8
2.4.8.1
2.4.8.2
2.4.8.3
2.4.9
2.4.9.1
3.*
3.0-ocl-tech-preview
3.0-ocl-tp2
3.0.0
3.0.0-alpha
3.0.0-beta
3.0.0-rc1
3.1.0
3.2.0
3.2.0-rc
3.3.0
3.3.0-cvsdk
3.3.0-rc
3.3.1
3.3.1-cvsdk
3.4.0
3.4.0-rc
3.4.1
3.4.1-cvsdk
3.4.2
3.4.2-openvino

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-11805.json"
vanir_signatures 
[
    {
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/opencv/opencv/commit/eff0f9d3f8ef2474fd8401d6727441388b63ad51",
        "digest": {
            "line_hashes": [
                "323248478238597101958989815437355990559",
                "176176309332104088148907981391106563995",
                "248469761741697741586018679910976430470",
                "9563911843908748465687995626952526608",
                "325176880757229154644387118825809222474",
                "158814710380410900575167633104177471304",
                "51813537240901869387517081705456923445",
                "10447875464855210024549807230991110013"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2018-11805-acf61243",
        "deprecated": false,
        "target": {
            "file": "modules/dnn/src/layers/normalize_bbox_layer.cpp"
        }
    }
]