Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-8849-5h85-98qw

GitHub Security Advisory

Out-of-bounds Write in OpenCV

✓ GitHub Reviewed HIGH Has CVE
View on GitHub

Advisory Details

In opencv calls that use libpng, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android ID: A-110986616

Affected Packages

PyPI opencv-python
Affected versions: 0 (last affected: 4.1.1.26)
PyPI opencv-python-headless
Affected versions: 0 (last affected: 4.1.1.26)
PyPI opencv-contrib-python
Affected versions: 0 (last affected: 4.1.1.26)
PyPI opencv-contrib-python-headless
Affected versions: 0 (last affected: 4.1.1.26)

Related CVEs

CVE-2019-9423

Key Information

GHSA ID
GHSA-8849-5h85-98qw
Published
October 12, 2021 10:22 PM
Last Modified
October 6, 2021 7:53 PM
CVSS Score
7.5 /10
Primary Ecosystem
PyPI
Primary Package
opencv-python
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 31, 2025 6:36 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.