View at Official debian advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2025-53644 not yet assigned priority: Debian including 1 source packages (opencv), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.
OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG images. Version 4.12.0 fixes the vulnerability.