{"id":"CVE-2023-2617","details":"A vulnerability classified as problematic was found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this vulnerability is the function DecodedBitStreamParser::decodeByteSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-228547.","modified":"2026-03-14T12:03:49.051868Z","published":"2023-05-10T06:15:16.853Z","references":[{"type":"WEB","url":"https://gist.github.com/GZTimeWalker/3ca70a8af2f5830711e9cccc73fb5270"},{"type":"REPORT","url":"https://vuldb.com/?ctiid.228547"},{"type":"REPORT","url":"https://vuldb.com/?id.228547"},{"type":"FIX","url":"https://github.com/opencv/opencv_contrib/pull/3480"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/opencv/opencv","events":[{"introduced":"898c639f6ab195b81a1d3e9b2470a3f03123dd03"},{"last_affected":"725e440d278aca07d35a5e8963ef990572b07316"}],"database_specific":{"versions":[{"introduced":"4.5.2"},{"last_affected":"4.7.0"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-2617.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}