Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-53644
PUBLISHED
More InfoOfficial Page
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
View Known Exploited Vulnerability (KEV) details
Published At-17 Jul, 2025 | 17:58
Updated At-26 Sep, 2025 | 21:56
Rejected At-
▼CVE Numbering Authority (CNA)
OpenCV contains a use after free buffer write due to an uninitialized pointer

OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG images. Version 4.12.0 fixes the vulnerability.

Affected Products
Vendor
opencv
Product
opencv
Versions
Affected
  • >= 4.10.0, < 4.12.0
Problem Types
TypeCWE IDDescription
CWECWE-457CWE-457: Use of Uninitialized Variable
Type: CWE
CWE ID: CWE-457
Description: CWE-457: Use of Uninitialized Variable
Metrics
VersionBase scoreBase severityVector
4.06.6MEDIUM
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
Version: 4.0
Base score: 6.6
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://securitylab.github.com/advisories/GHSL-2025-057_OpenCV/
x_refsource_CONFIRM
https://github.com/opencv/opencv/issues/27271
x_refsource_MISC
https://github.com/opencv/opencv/commit/a39db41390de546d18962ee1278bd6dbb715f466
x_refsource_MISC
https://github.com/opencv/opencv/releases/tag/4.12.0
x_refsource_MISC
Hyperlink: https://securitylab.github.com/advisories/GHSL-2025-057_OpenCV/
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/opencv/opencv/issues/27271
Resource:
x_refsource_MISC
Hyperlink: https://github.com/opencv/opencv/commit/a39db41390de546d18962ee1278bd6dbb715f466
Resource:
x_refsource_MISC
Hyperlink: https://github.com/opencv/opencv/releases/tag/4.12.0
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found