How severe is CVE-2018-7712?

CVE-2018-7712 has a CVSS v3 score of 7.5 (HIGH).

CVE-2018-7712

Name: opencv
Author: opencv

7.5HIGH

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.height <= (1<<20)) may

公開日: 3/5/2018更新日: 11/21/2024

説明

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.height <= (1<<20)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.

AI分析AIによる分析

影響を受ける製品

opencvopencv

3.4.1

参照

https://github.com/opencv/opencv/issues/10998
https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert
Third Party Advisory
https://github.com/opencv/opencv/issues/10998
https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert
Third Party Advisory