OpenCV · OpenCV-Python · CVE-2019-19624
**Name of the Vulnerable Software and Affected Versions**
OpenCV versions prior to 4.1.1
OpenCV-Python versions prior to 4.1.0.25
**Description**
An out-of-bounds read issue was discovered in the `calc()` and `ocl_calc()` functions within the `dis_flow.cpp` component of OpenCV. The code assumes that the `coarsest_scale` variable is greater than or equal to `finest_scale`, which is not true when handling small images. As a result, the heap-allocated arrays `Ux` and `Uy` are read out of bounds. This could potentially allow a remote attacker to access confidential data and cause a denial of service.
**Recommendations**
For OpenCV versions prior to 4.1.1, update to version 4.1.1 or later to resolve the issue.
For OpenCV-Python versions prior to 4.1.0.25, update to version 4.1.0.25 or later to resolve the issue.
As a temporary workaround, consider restricting the use of the `calc()` and `ocl_calc()` functions in `dis_flow.cpp` when dealing with small images until a patch is available.
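The following is an added example, not part of the original advisory: a requirements-file audit that flags `opencv-python` pins older than the fixed release 4.1.0.25 named above, and reports unpinned entries for manual review. The function names and the sample lines are constructed for illustration; only the package named in the advisory is checked.

```python
import re

# Fixed release taken from the advisory text (opencv-python 4.1.0.25).
FIXED = {"opencv-python": (4, 1, 0, 25)}

_REQ = re.compile(r"([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?(.*)")
_PIN = re.compile(r"==\s*(\d+(?:\.\d+)*)")

def _normalize(name):
    # PEP 503 style: case-insensitive, runs of - _ . are equivalent.
    return re.sub(r"[-_.]+", "-", name).lower()

def _is_older(version, fixed):
    v = tuple(int(p) for p in version.split("."))
    width = max(len(v), len(fixed))
    pad = lambda t: t + (0,) * (width - len(t))
    return pad(v) < pad(fixed)

def audit(lines):
    """Return (line number, package, version or None, status) findings."""
    findings = []
    for lineno, raw in enumerate(lines, 1):
        # Drop comments and environment markers before parsing.
        req = raw.split("#", 1)[0].split(";", 1)[0].strip()
        m = _REQ.match(req)
        if not m or _normalize(m.group(1)) not in FIXED:
            continue
        name = _normalize(m.group(1))
        pin = _PIN.fullmatch(m.group(2).strip())
        if pin is None:
            # A range or bare name may still resolve to an affected build.
            findings.append((lineno, name, None, "unpinned"))
        elif _is_older(pin.group(1), FIXED[name]):
            findings.append((lineno, name, pin.group(1), "affected"))
    return findings

# Constructed sample input, not taken from any real project.
SAMPLE = """\
numpy==1.16.0
opencv-python==4.1.0.24
OpenCV_Python == 3.4.2.17  # constructed: legacy pin
opencv-python>=4.0
opencv-python==4.1.0.25
""".splitlines()

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```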