Vulnerabilities > CVE-2023-2617 - NULL Pointer Dereference vulnerability in Opencv

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

opencv

CWE-476

NVD

Published: 2023-05-10

Updated: 2024-05-17

Summary

A vulnerability classified as problematic was found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this vulnerability is the function DecodedBitStreamParser::decodeByteSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-228547.

Vulnerable Configurations

Part	Description	Count
Application	Opencv Opencv Opencv 4.5.2 Opencv Opencv 4.5.3 Opencv Opencv 4.5.4 Opencv Opencv 4.5.5 Opencv Opencv 4.6.0 Opencv Opencv 4.7.0	6

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References