OpenCV
Maybe the developer should get updating their openCVs...
Dabblers with prominent artificial intelligence tools have been warned and/or reminded to check their dependencies because some have open vulnerabilities. That warning came from Qixue Xiao and Deyue Zhang (from Quihoo's 360 Security Research Lab), Kang Li (University of Georgia) and Weilin Xu (University of Virginia), who …
Is it a mistake?
OpenCV is an image processing package. It works well on tiny hardware, or doing intensive tasks on big hardware. Do I really want its speed halved to protect every call from malicous arguments and buffer overflows?
If you are a public internet facing services at a bank then you want security to be the main priority, but if you are an AI research project inside a private server I want a library to be fast and efficient. In the same way that I want my travel laptop to be light and fast, not to be waterproof, radiation hardened, explosive atmosphere safe and rated for Ptarmigan security