HIGH 7.5
PYSEC-2026-718
NULL Pointer Dereference in OpenCV.
Details
An issue was discovered in OpenCV before 4.1.1 (OpenCV-Python before 4.1.1.26). There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp.
Are you affected?
Enter the version of the package you're using.
Affected packages
PyPI / opencv-contrib-python-headless
Introduced in:
0 Fixed in: 4.1.1.26 Fix
pip install --upgrade 'opencv-contrib-python-headless>=4.1.1.26' References
- https://nvd.nist.gov/vuln/detail/CVE-2019-14493 [ADVISORY]
- https://github.com/opencv/opencv/issues/15127 [WEB]
- https://github.com/opencv/opencv-python [PACKAGE]
- https://github.com/opencv/opencv/compare/371bba8...ddbd10c [WEB]
- https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html [WEB]
- https://pypi.org/project/opencv-contrib-python-headless [PACKAGE]
- https://github.com/advisories/GHSA-3448-vrgh-85xr [ADVISORY]