PYSEC-2026-697

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/opencv-contrib-python/PYSEC-2026-697.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-697
Aliases
Published
2026-07-02T14:13:12.041837Z
Modified
2026-07-06T08:00:48.530274851Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Integer Overflow or Wraparound in OpenCV
Details

In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects OpenCV 3.3 (corresponding with OpenCV-Python version 3.3.0.9) and earlier.

References

Affected packages

PyPI / opencv-contrib-python

Package

Name
opencv-contrib-python
View open source insights on deps.dev
Purl
pkg:pypi/opencv-contrib-python

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.3.1.11

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/opencv-contrib-python/PYSEC-2026-697.yaml"