VDB
KO
MEDIUM 5.5

PYSEC-2026-705

Out-of-bounds Write in OpenCV.

Details

In OpenCV 3.3.1 (corresponding with OpenCV-Python 3.3.1.11), a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmt_jpeg2000.cpp when parsing a crafted image file.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / opencv-contrib-python
Introduced in: 0 Fixed in: 3.4.1.15
Fix pip install --upgrade 'opencv-contrib-python>=3.4.1.15'

References