ELA-1513-1 opencv security update

multiple vulnerabilities

2025-09-12
Package: opencv
Version: 3.2.0+dfsg-6+deb10u1 (buster)
Related CVEs: CVE-2017-18009 CVE-2019-14491 CVE-2019-14492 CVE-2019-14493 CVE-2019-15939 CVE-2019-19624


Multiple vulnerabilities were found in the computer vision library OpenCV.

CVE-2017-18009

Buffer overflow in the cv::HdrDecoder::checkSignature function

CVE-2019-14491

Out-of-bounds read in cv::predictOrdered<cv::HaarEvaluator>

CVE-2019-14492

Out-of-bounds read/write in the HaarEvaluator::OptFeature::calc function

CVE-2019-14493

NULL pointer dereference in the cv::XMLParser::parse function

CVE-2019-15939

Divide-by-zero error in cv::HOGDescriptor::getDescriptorSize 

CVE-2019-19624

Out-of-bounds read in the calc() function of dis_flow.cpp, when dealing with small images


For Debian 10 buster, these problems have been fixed in version 3.2.0+dfsg-6+deb10u1.

We recommend that you upgrade your opencv packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.