How severe is CVE-2025-53644?

CVE-2025-53644 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2025-53644

Name: opencv
Author: opencv

9.8CRITICAL

OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG imag

公開日: 7/17/2025更新日: 10/17/2025

説明

OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG images. Version 4.12.0 fixes the vulnerability.

AI分析AIによる分析

影響を受ける製品

opencvopencv

参照

https://github.com/opencv/opencv/commit/a39db41390de546d18962ee1278bd6dbb715f466
Patch
https://github.com/opencv/opencv/issues/27271
Issue Tracking
https://github.com/opencv/opencv/releases/tag/4.12.0
Release Notes
https://securitylab.github.com/advisories/GHSL-2025-057_OpenCV/
ExploitThird Party Advisory