openSUSE Security Update : opencv (openSUSE-2019-436)

This update for opencv fixes this security issue : - CVE-2017-18009: Prevent heap-based buffer over-read in the function cv::HdrDecoder::checkSignature bsc1074312. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

Heap-based Buffer Over-read

OpenCV is vulnerable to heap-based buffer over-reads. Attackers can trigger this vulnerability through the cv::HdrDecoder::checkSignature function...

CVE-2017-18009

CVE-2017-18009 is a heap-based buffer over-read in OpenCV 3.3.1 (HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt_hdr.cpp). Multiple connected sources confirm the issue and its OpenCV-related fixes across distros (e.g., openSUSE/OpenCV security advisories and Ubuntu/Nessus entries). Impa...

PT-2017-4333 · Intel +3 · Opencv +3

Name of the Vulnerable Software and Affected Versions: OpenCV version 3.3.1 Description: A heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt hdr.cpp. This issue is related to reading beyond the valid boundaries of a data buffer...