How severe is CVE-2025-53644?

CVE-2025-53644 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2025-53644

Name: opencv
Author: opencv

9.8CRITICAL

OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG imag

Опубликовано: 7/17/2025Обновлено: 10/17/2025

Описание

OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG images. Version 4.12.0 fixes the vulnerability.

ИИ-АнализНа базе ИИ

Затронутые продукты

opencvopencv

Ссылки

https://github.com/opencv/opencv/commit/a39db41390de546d18962ee1278bd6dbb715f466
Patch
https://github.com/opencv/opencv/issues/27271
Issue Tracking
https://github.com/opencv/opencv/releases/tag/4.12.0
Release Notes
https://securitylab.github.com/advisories/GHSL-2025-057_OpenCV/
ExploitThird Party Advisory