OSV-2025-51

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/opencv/OSV-2025-51.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2025-51

Published

2025-01-22T00:03:50.355443Z

Modified

2025-01-24T14:26:07.849301Z

Summary

Heap-buffer-overflow in std::__1::__function::__func<cv::PngDecoder::compose_frame

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=390788198

Crash type: Heap-buffer-overflow WRITE {*}
Crash state:
std::__1::__function::__func&lt;cv::PngDecoder::compose_frame
cv::ParallelLoopBodyWrapper::operator
cv::ThreadPool::run

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=390788198

Affected packages

OSS-Fuzz / opencv

Package

Name: opencv
Purl: pkg:generic/opencv

Affected ranges

Type: GIT
Repo: https://github.com/opencv/opencv.git
Events: Introduced

b4d03256663b6ceb2994c367be4664f282c9f1ec

Fixed

7728dd3387112636912ff9420461ae11e37a732d

Fixed

4a4031dc48475ec3354d28a3cdedda57a8913443

Affected versions

4.*

4.11.0

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

{
    "introduced_range": "a6f72f813d307f77e7597447bdba25dcb5b6447d:ff18c9cc7904e878b10273265196e0238490e692",
    "fixed_range": "459bb12466abdade062607ae54f3267adaef8063:4a4031dc48475ec3354d28a3cdedda57a8913443"
}