Buffer Overflow in cv::BmpDecoder::readData function in OpenCV

Buffer Overflow in cv::BmpDecoder::readData function in OpenCV

CVE-2017-12601 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case.

Learn more about our Open Source Audit.