CVE-2018-5268

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-5268

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5268.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-5268

Aliases

GHSA-9g8h-pjm4-q92p

Related

Published

2018-01-08T05:29:00Z

Modified

2025-01-14T07:34:35.846333Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In OpenCV 3.3.1, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmt_jpeg2000.cpp when parsing a crafted image file.

References

Affected packages

Debian:11 / opencv

Package

Name: opencv
Purl: pkg:deb/debian/opencv?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2.0+dfsg-6

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / opencv

Package

Name: opencv
Purl: pkg:deb/debian/opencv?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2.0+dfsg-6

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / opencv

Package

Name: opencv
Purl: pkg:deb/debian/opencv?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2.0+dfsg-6

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/opencv/opencv

Affected ranges

Type: GIT
Repo: https://github.com/opencv/opencv
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

af4d6f34d8d05b0a9a0278728823272e49a63898

Type: GIT
Repo: https://github.com/opencv/opencv_contrib
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0bd061f07b665a7fb3f744122550393b337c50e5

Affected versions

2.*

2.2

2.4.0

2.4.1

2.4.10

2.4.10.1

2.4.10.2

2.4.10.3

2.4.10.4

2.4.11

2.4.12

2.4.12.1

2.4.12.2

2.4.12.3

2.4.13

2.4.13.1

2.4.2

2.4.3

2.4.3-rc

2.4.3.1

2.4.3.2

2.4.4

2.4.4-beta

2.4.5

2.4.6

2.4.6.1

2.4.6.2

2.4.6.2-rc1

2.4.7

2.4.7-rc1

2.4.7.1

2.4.7.2

2.4.8

2.4.8.1

2.4.8.2

2.4.8.3

2.4.9

2.4.9.1

3.*

3.0-ocl-tech-preview

3.0-ocl-tp2

3.0.0

3.0.0-alpha

3.0.0-beta

3.0.0-rc1

3.1.0

3.2.0

3.2.0-rc

3.3.0

3.3.0-cvsdk

3.3.0-rc

3.3.1

3.3.1-cvsdk