CVE-2019-14492

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.

References

Affected packages

Git / github.com/opencv/opencv

Affected ranges

Type: GIT
Repo: https://github.com/opencv/opencv
Events: Fixed

4a7ca5a291038a773ea0b67eaf6fbed9ad72170b

Introduced

e6d9486a6cb3379a0eeb59bd405bea3125ea364d

Fixed

693877212d34f2d5e3bbf29287aa1db2d07d4d6d

Affected versions

3.*

3.4.4

3.4.5

3.4.6

4.*

4.0.0-openvino

Database specific

vanir_signatures

[
    {
        "signature_type": "Line",
        "source": "https://github.com/opencv/opencv/commit/693877212d34f2d5e3bbf29287aa1db2d07d4d6d",
        "target": {
            "file": "modules/videoio/src/backend_plugin.cpp"
        },
        "id": "CVE-2019-14492-f4b69b89",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "324810334612706110929790317977131335514",
                "283354122908894961945064184555133515053",
                "29337495017562247810249731437058366319",
                "15156896965861494906414910206189503336"
            ]
        },
        "deprecated": false
    }
]

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-14492.json"

Git / github.com/opencv/opencv_contrib

Affected ranges

Type: GIT
Repo: https://github.com/opencv/opencv_contrib
Events: Introduced

d511587cf0bc782022db215d20d960afb2e9efe2

Fixed

0915b7eaddba3c06d83e201c9a7595e73801f417

Fixed

6d656ca069afb3a3cb43a3484ee3a2d215982997

Affected versions

3.*

3.4.5

3.4.6

3.4.7

4.*

4.0.0

4.0.1

4.1.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-14492.json"