How severe is CVE-2018-7712?

CVE-2018-7712 has a CVSS v3 score of 7.5 (HIGH).

CVE-2018-7712

Name: opencv
Author: opencv

7.5HIGH

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.height <= (1<<20)) may

게시됨: 3/5/2018업데이트됨: 11/21/2024

설명

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.height <= (1<<20)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.

AI 분석AI 기반

영향받는 제품

opencvopencv

3.4.1

참조

https://github.com/opencv/opencv/issues/10998
https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert
Third Party Advisory
https://github.com/opencv/opencv/issues/10998
https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert
Third Party Advisory