MEDIUM 6.5
PYSEC-2026-723
Out-of-bounds Read in OpenCV
상세
An out-of-bounds read was discovered in OpenCV before 4.1.1 (OpenCV-Python before 4.1.0.25). Specifically, variable coarsest_scale is assumed to be greater than or equal to finest_scale within the calc()/ocl_calc() functions in dis_flow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds read of the heap-allocated arrays Ux and Uy.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
PyPI / opencv-contrib-python-headless
최초 영향 버전:
0 수정 버전: 4.1.0.25 수정
pip install --upgrade 'opencv-contrib-python-headless>=4.1.0.25' 참고
- https://nvd.nist.gov/vuln/detail/CVE-2019-19624 [ADVISORY]
- https://github.com/opencv/opencv/issues/14554 [WEB]
- https://github.com/opencv/opencv/commit/d1615ba11a93062b1429fce9f0f638d1572d3418 [WEB]
- https://access.redhat.com/security/cve/cve-2019-19624 [WEB]
- https://github.com/opencv/opencv-python [PACKAGE]
- https://github.com/opencv/opencv-python/releases/tag/25 [WEB]
- https://pypi.org/project/opencv-contrib-python-headless [PACKAGE]
- https://github.com/advisories/GHSA-jggw-2q6g-c3m6 [ADVISORY]