Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/opencv-contrib-python-headless@4.1.1.26
Type pypi
Namespace
Name opencv-contrib-python-headless
Version 4.1.1.26
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 4.8.1.78
Latest_non_vulnerable_version 4.8.1.78
Affected_by_vulnerabilities
0
url VCID-h7gk-61kp-8ygz
vulnerability_id VCID-h7gk-61kp-8ygz
summary
Out-of-bounds Read
OpenCV has an out-of-bounds read in hal_baseline::v_load in core/hal/intrin_sse.hpp when called from computeSSDMeanNorm in modules/video/src/dis_flow.cpp.
references
0
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1752702
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1752702
1
reference_url https://github.com/opencv/opencv/issues/15481
reference_id
reference_type
scores
url https://github.com/opencv/opencv/issues/15481
2
reference_url https://github.com/opencv/opencv/pull/15531
reference_id
reference_type
scores
url https://github.com/opencv/opencv/pull/15531
3
reference_url https://github.com/opencv/opencv-python/releases/tag/30
reference_id
reference_type
scores
url https://github.com/opencv/opencv-python/releases/tag/30
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-16249
reference_id CVE-2019-16249
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-16249
5
reference_url https://github.com/advisories/GHSA-x3rm-644h-67m8
reference_id GHSA-x3rm-644h-67m8
reference_type
scores
url https://github.com/advisories/GHSA-x3rm-644h-67m8
fixed_packages
0
url pkg:pypi/opencv-contrib-python-headless@4.1.2.30
purl pkg:pypi/opencv-contrib-python-headless@4.1.2.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jypn-sttp-tkgm
1
vulnerability VCID-qn1c-mtud-5kbq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python-headless@4.1.2.30
aliases CVE-2019-16249, GHSA-x3rm-644h-67m8
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h7gk-61kp-8ygz
1
url VCID-kxqz-tbvz-gfcs
vulnerability_id VCID-kxqz-tbvz-gfcs
summary
Out-of-bounds Write
In opencv calls that use libpng, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: Android Versions: Android-10 Android ID: A-110986616
references
0
reference_url https://source.android.com/security/bulletin/android-10
reference_id
reference_type
scores
url https://source.android.com/security/bulletin/android-10
1
reference_url http://www.openwall.com/lists/oss-security/2019/10/25/17
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2019/10/25/17
2
reference_url http://www.openwall.com/lists/oss-security/2019/10/27/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2019/10/27/1
3
reference_url http://www.openwall.com/lists/oss-security/2019/11/07/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2019/11/07/1
4
reference_url http://www.openwall.com/lists/oss-security/2020/12/05/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2020/12/05/1
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9423
reference_id CVE-2019-9423
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-9423
6
reference_url https://github.com/advisories/GHSA-8849-5h85-98qw
reference_id GHSA-8849-5h85-98qw
reference_type
scores
url https://github.com/advisories/GHSA-8849-5h85-98qw
fixed_packages
aliases CVE-2019-9423, GHSA-8849-5h85-98qw
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kxqz-tbvz-gfcs
2
url VCID-qn1c-mtud-5kbq
vulnerability_id VCID-qn1c-mtud-5kbq
summary opencv-contrib-python-headless versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-contrib-python-headless v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2.
references
0
reference_url https://github.com/opencv/opencv/pull/24274
reference_id
reference_type
scores
url https://github.com/opencv/opencv/pull/24274
1
reference_url https://github.com/opencv/opencv/wiki/ChangeLog#version481
reference_id
reference_type
scores
url https://github.com/opencv/opencv/wiki/ChangeLog#version481
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-4863
reference_id
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-4863
fixed_packages
0
url pkg:pypi/opencv-contrib-python-headless@4.8.1.78
purl pkg:pypi/opencv-contrib-python-headless@4.8.1.78
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python-headless@4.8.1.78
aliases PYSEC-2023-182
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qn1c-mtud-5kbq
Fixing_vulnerabilities
0
url VCID-1qhy-7pnz-aqga
vulnerability_id VCID-1qhy-7pnz-aqga
summary
Out-of-bounds Write
An issue was discovered in OpenCV There is an out-of-bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html
1
reference_url https://github.com/opencv/opencv/compare/33b765d...4a7ca5a
reference_id
reference_type
scores
url https://github.com/opencv/opencv/compare/33b765d...4a7ca5a
2
reference_url https://github.com/opencv/opencv/compare/371bba8...ddbd10c
reference_id
reference_type
scores
url https://github.com/opencv/opencv/compare/371bba8...ddbd10c
3
reference_url https://github.com/opencv/opencv/issues/15124
reference_id
reference_type
scores
url https://github.com/opencv/opencv/issues/15124
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14492
reference_id CVE-2019-14492
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-14492
5
reference_url https://github.com/advisories/GHSA-fw99-f933-rgh8
reference_id GHSA-fw99-f933-rgh8
reference_type
scores
url https://github.com/advisories/GHSA-fw99-f933-rgh8
fixed_packages
0
url pkg:pypi/opencv-contrib-python-headless@3.4.7.28
purl pkg:pypi/opencv-contrib-python-headless@3.4.7.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qn1c-mtud-5kbq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python-headless@3.4.7.28
1
url pkg:pypi/opencv-contrib-python-headless@4.1.1.26
purl pkg:pypi/opencv-contrib-python-headless@4.1.1.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-h7gk-61kp-8ygz
1
vulnerability VCID-kxqz-tbvz-gfcs
2
vulnerability VCID-qn1c-mtud-5kbq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python-headless@4.1.1.26
aliases CVE-2019-14492, GHSA-fw99-f933-rgh8
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1qhy-7pnz-aqga
1
url VCID-21n5-7ukh-gyfr
vulnerability_id VCID-21n5-7ukh-gyfr
summary
NULL Pointer Dereference
An issue was discovered in OpenCV There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp.
references
0
reference_url https://github.com/opencv/opencv/compare/371bba8...ddbd10c
reference_id
reference_type
scores
url https://github.com/opencv/opencv/compare/371bba8...ddbd10c
1
reference_url https://github.com/opencv/opencv/issues/15127
reference_id
reference_type
scores
url https://github.com/opencv/opencv/issues/15127
2
reference_url https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14493
reference_id CVE-2019-14493
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-14493
4
reference_url https://github.com/advisories/GHSA-3448-vrgh-85xr
reference_id GHSA-3448-vrgh-85xr
reference_type
scores
url https://github.com/advisories/GHSA-3448-vrgh-85xr
fixed_packages
0
url pkg:pypi/opencv-contrib-python-headless@4.1.1.26
purl pkg:pypi/opencv-contrib-python-headless@4.1.1.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-h7gk-61kp-8ygz
1
vulnerability VCID-kxqz-tbvz-gfcs
2
vulnerability VCID-qn1c-mtud-5kbq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python-headless@4.1.1.26
aliases CVE-2019-14493, GHSA-3448-vrgh-85xr
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-21n5-7ukh-gyfr
2
url VCID-3zc6-3229-wfcc
vulnerability_id VCID-3zc6-3229-wfcc
summary
Divide By Zero
An issue was discovered in OpenCV There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html
1
reference_url https://github.com/OpenCV/opencv/issues/15287
reference_id
reference_type
scores
url https://github.com/OpenCV/opencv/issues/15287
2
reference_url https://github.com/opencv/opencv/pull/15382
reference_id
reference_type
scores
url https://github.com/opencv/opencv/pull/15382
3
reference_url https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-15939
reference_id CVE-2019-15939
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-15939
5
reference_url https://github.com/advisories/GHSA-hxfw-jm98-v4mq
reference_id GHSA-hxfw-jm98-v4mq
reference_type
scores
url https://github.com/advisories/GHSA-hxfw-jm98-v4mq
fixed_packages
0
url pkg:pypi/opencv-contrib-python-headless@4.1.1.26
purl pkg:pypi/opencv-contrib-python-headless@4.1.1.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-h7gk-61kp-8ygz
1
vulnerability VCID-kxqz-tbvz-gfcs
2
vulnerability VCID-qn1c-mtud-5kbq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python-headless@4.1.1.26
aliases CVE-2019-15939, GHSA-hxfw-jm98-v4mq
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3zc6-3229-wfcc
3
url VCID-dv7w-p358-1qda
vulnerability_id VCID-dv7w-p358-1qda
summary
Out-of-bounds Read
An issue was discovered in OpenCV There is an out-of-bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
references
0
reference_url https://github.com/opencv/opencv/compare/33b765d...4a7ca5a
reference_id
reference_type
scores
url https://github.com/opencv/opencv/compare/33b765d...4a7ca5a
1
reference_url https://github.com/opencv/opencv/compare/371bba8...ddbd10c
reference_id
reference_type
scores
url https://github.com/opencv/opencv/compare/371bba8...ddbd10c
2
reference_url https://github.com/opencv/opencv/issues/15125
reference_id
reference_type
scores
url https://github.com/opencv/opencv/issues/15125
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPFLN6QAX6SUA4XR4NMKKXX26H3TYCVQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPFLN6QAX6SUA4XR4NMKKXX26H3TYCVQ/
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14491
reference_id CVE-2019-14491
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-14491
5
reference_url https://github.com/advisories/GHSA-fm39-cw8h-3p63
reference_id GHSA-fm39-cw8h-3p63
reference_type
scores
url https://github.com/advisories/GHSA-fm39-cw8h-3p63
fixed_packages
0
url pkg:pypi/opencv-contrib-python-headless@3.4.7.28
purl pkg:pypi/opencv-contrib-python-headless@3.4.7.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qn1c-mtud-5kbq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python-headless@3.4.7.28
1
url pkg:pypi/opencv-contrib-python-headless@4.1.1.26
purl pkg:pypi/opencv-contrib-python-headless@4.1.1.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-h7gk-61kp-8ygz
1
vulnerability VCID-kxqz-tbvz-gfcs
2
vulnerability VCID-qn1c-mtud-5kbq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python-headless@4.1.1.26
aliases CVE-2019-14491, GHSA-fm39-cw8h-3p63
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dv7w-p358-1qda
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python-headless@4.1.1.26