Vulnerabilities > CVE-2023-2618 - Memory Leak vulnerability in Opencv

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

opencv

CWE-401

NVD

Published: 2023-05-10

Updated: 2024-04-11

Summary

A vulnerability, which was classified as problematic, has been found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this issue is the function DecodedBitStreamParser::decodeHanziSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to memory leak. The attack may be launched remotely. The name of the patch is 2b62ff6181163eea029ed1cab11363b4996e9cd6. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-228548.

Vulnerable Configurations

Part	Description	Count
Application	Opencv Opencv Opencv 4.5.2 Opencv Opencv 4.5.3 Opencv Opencv 4.5.4 Opencv Opencv 4.5.5 Opencv Opencv 4.6.0 Opencv Opencv 4.7.0	6

Common Weakness Enumeration (CWE)

CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References