CVE-2018-5268
MEDIUMOpenCV 3.3.1 - Heap-Based Buffer Overflow in JPEG2000 Image Parser
Title source: llmDescription
In OpenCV 3.3.1, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmt_jpeg2000.cpp when parsing a crafted image file.
References (5)
Core 5
Core References
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106945
Exploit, Issue Tracking, Mailing List, Third Party Advisory x_refsource_misc
https://github.com/opencv/opencv/issues/10541
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/04/msg00019.html
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html
Scores
CVSS v3
5.5
EPSS
0.0151
EPSS Percentile
71.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-787
Status
published
Products (6)
debian/debian_linux
7.0
debian/debian_linux
8.0
debian/debian_linux
9.0
opencv/opencv
3.3.1
pypi/opencv-contrib-python
0 - 3.4.1.15PyPI
pypi/opencv-python
0 - 3.4.1.15PyPI
Published
Jan 08, 2018
Tracked Since
Feb 18, 2026