PT-2017-4343 · Intel+1 · Opencv+1

Scdeny · Published 2017-08-15 · Updated 2021-11-30 · CVE-2017-12863

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: OpenCV versions 3.3 and earlier
Description: The issue is related to an integer overflow in the PxMDecoder::readData function in opencv/modules/imgcodecs/src/grfmt_pxm.cpp. This can lead to remote code execution or denial of service if the image is from a remote source. The vulnerability may allow an attacker to access confidential data, compromise its integrity, and cause a denial of service using a specially crafted file.
Recommendations: For OpenCV versions 3.3 and earlier, consider disabling the PxMDecoder::readData function until a patch is available to prevent potential remote code execution or denial of service. Restrict access to remote images to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

DoS

Integer Overflow

Weakness Enumeration

Related Identifiers

BDU:2024-07608
CVE-2017-12863
DLA-1117-1
DLA-1438-1
DLA-2799-1
GHSA-WQ8F-WVQP-XVVM
OPENSUSE-SU-2018_1385-1

Affected Products

Opencv
Suse