PYSEC-2026-712

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/opencv-contrib-python/PYSEC-2026-712.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-712
Aliases
Published
2026-07-02T14:13:12.452411Z
Modified
2026-07-06T08:00:46.185233940Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Integer Overflow or Wraparound in OpenCV.
Details

In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 (corresponding with OpenCV-Python 3.3.0.9) and earlier.

References

Affected packages

PyPI / opencv-contrib-python

Package

Name
opencv-contrib-python
View open source insights on deps.dev
Purl
pkg:pypi/opencv-contrib-python

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.3.1.11

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/opencv-contrib-python/PYSEC-2026-712.yaml"