VulnerableCode Package Details - pkg:pypi/opencv-contrib-python@3.3.1.11

Search for packages

Vulnerability	Summary	Fixed by
VCID-58aj-jc6y-dqcg Aliases: PYSEC-2023-181	opencv-contrib-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-contrib-python v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2.	4.8.1.78 Affected by 0 other vulnerabilities.
VCID-7r2a-ega4-cbbh Aliases: CVE-2017-17760 GHSA-jcxv-2j3h-mg59	Improper Restriction of Operations within the Bounds of a Memory Buffer OpenCV has a Buffer Overflow in the cv::PxMDecoder::readData function in grfmt_pxm.cpp, because an incorrect size value is used.	3.4.0.12 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-8uwy-v2wq-n3cy Aliases: CVE-2017-18009 GHSA-83rh-hx5x-q9p5	Out-of-bounds Read In OpenCV, a heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt_hdr.cpp.	3.4.1.15 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-j87y-pgt8-xbat Aliases: CVE-2018-5269 GHSA-89rj-5ggj-3p9p	Reachable Assertion In OpenCV, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast.	3.4.1.15 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-yjd6-1et5-vqer Aliases: CVE-2018-5268 GHSA-9g8h-pjm4-q92p	Out-of-bounds Write In OpenCV, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmt_jpeg2000.cpp when parsing a crafted image file.	3.4.1.15 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-58aj-jc6y-dqcg
Aliases:
PYSEC-2023-181

opencv-contrib-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-contrib-python v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2.

4.8.1.78
Affected by 0 other vulnerabilities.

VCID-7r2a-ega4-cbbh
Aliases:
CVE-2017-17760
GHSA-jcxv-2j3h-mg59

Improper Restriction of Operations within the Bounds of a Memory Buffer OpenCV has a Buffer Overflow in the cv::PxMDecoder::readData function in grfmt_pxm.cpp, because an incorrect size value is used.

3.4.0.12
Affected by 1 other vulnerability.

VCID-8uwy-v2wq-n3cy
Aliases:
CVE-2017-18009
GHSA-83rh-hx5x-q9p5

Out-of-bounds Read In OpenCV, a heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt_hdr.cpp.

3.4.1.15
Affected by 1 other vulnerability.

VCID-j87y-pgt8-xbat
Aliases:
CVE-2018-5269
GHSA-89rj-5ggj-3p9p

Reachable Assertion In OpenCV, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast.

3.4.1.15
Affected by 1 other vulnerability.

VCID-yjd6-1et5-vqer
Aliases:
CVE-2018-5268
GHSA-9g8h-pjm4-q92p

Out-of-bounds Write In OpenCV, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmt_jpeg2000.cpp when parsing a crafted image file.

3.4.1.15
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-1bk1-pc9v-ykgv	Double Free OpenCV has a double free issue that allows attackers to execute arbitrary code.	CVE-2016-1516 GHSA-cvhw-2593-5j2q
VCID-22su-dw4m-pfe6	Denial of Service in OpenCV OpenCV (Open Source Computer Vision Library) has a denial of service (CPU consumption) issue, as demonstrated by the test case.	CVE-2017-12600 GHSA-fr58-2xhv-qp3w
VCID-2dwz-2v5y-4qeb	Integer Overflow or Wraparound In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv.	CVE-2017-12864 GHSA-267x-w5hx-8hjr
VCID-4t6y-22xf-3ueq	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') OpenCV (Open Source Computer Vision Library) has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case.	CVE-2017-12601 GHSA-w96g-3p64-63wr
VCID-b7m4-s1rg-wqe7	Out-of-bounds Read OpenCV (Open Source Computer Vision Library) has an out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an image file by using cv::imread.	CVE-2017-12599 GHSA-fvq6-392h-6mjj
VCID-dw95-fpkf-pfew	Improper Input Validation OpenCV allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks.	CVE-2016-1517 GHSA-fffj-9qwg-qmh5
VCID-e6gy-hka8-9bae	Out-of-bounds Write OpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the FillColorRow8 function in utils.cpp when reading an image file by using cv::imread.	CVE-2017-12605 GHSA-rqxg-xvcq-3v2f
VCID-jzve-9vvd-mued	Out-of-bounds Write OpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the function FillColorRow4 in utils.cpp when reading an image file by using cv::imread.	CVE-2017-12606 GHSA-vc29-rj92-gc7j
VCID-m3rr-ppwn-5kd8	Out-of-bounds Write OpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the FillUniColor function in utils.cpp when reading an image file by using cv::imread.	CVE-2017-12604 GHSA-c7gp-2pch-qh2v
VCID-mkrd-7czn-b3bz	Out-of-bounds Write OpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12597.	CVE-2017-14136 GHSA-634c-v2xv-ffpg
VCID-qz2a-2d4y-y7hq	Out-of-bounds Write OpenCV (Open Source Computer Vision Library) has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 2-opencv-heapoverflow-fseek test case.	CVE-2017-12603 GHSA-6v6p-p97v-g2p7
VCID-s11e-t19f-kfe4	Out-of-bounds Read OpenCV (Open Source Computer Vision Library) has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case.	CVE-2017-12598 GHSA-33h2-69j3-r336
VCID-syem-z8g2-n7h2	Out-of-bounds Write OpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread.	CVE-2017-12597 GHSA-8w3x-457r-wg53
VCID-ttbc-7ys4-wfdw	Integer Overflow or Wraparound In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv.	CVE-2017-12863 GHSA-wq8f-wvqp-xvvm
VCID-vtbm-x7bk-tqgv	Out-of-bounds Write In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv.	CVE-2017-12862 GHSA-5rpc-gwh9-q9fg
VCID-w461-q9h5-pfdg	Denial of Service in OpenCV OpenCV (Open Source Computer Vision Library) has a denial of service (memory consumption) issue, as demonstrated by the test case.	CVE-2017-12602 GHSA-pqjj-6f5q-gqph
VCID-yjsn-xjss-wqe3	Integer Overflow or Wraparound In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv.	CVE-2017-1000450 GHSA-m43c-649m-pm48

Vulnerability

Summary

Aliases

VCID-1bk1-pc9v-ykgv

Double Free OpenCV has a double free issue that allows attackers to execute arbitrary code.

CVE-2016-1516
GHSA-cvhw-2593-5j2q

VCID-22su-dw4m-pfe6

Denial of Service in OpenCV OpenCV (Open Source Computer Vision Library) has a denial of service (CPU consumption) issue, as demonstrated by the test case.

CVE-2017-12600
GHSA-fr58-2xhv-qp3w

VCID-2dwz-2v5y-4qeb

Integer Overflow or Wraparound In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv.

CVE-2017-12864
GHSA-267x-w5hx-8hjr

VCID-4t6y-22xf-3ueq

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') OpenCV (Open Source Computer Vision Library) has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case.

CVE-2017-12601
GHSA-w96g-3p64-63wr

VCID-b7m4-s1rg-wqe7

Out-of-bounds Read OpenCV (Open Source Computer Vision Library) has an out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an image file by using cv::imread.

CVE-2017-12599
GHSA-fvq6-392h-6mjj

VCID-dw95-fpkf-pfew

Improper Input Validation OpenCV allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks.

CVE-2016-1517
GHSA-fffj-9qwg-qmh5

VCID-e6gy-hka8-9bae

Out-of-bounds Write OpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the FillColorRow8 function in utils.cpp when reading an image file by using cv::imread.

CVE-2017-12605
GHSA-rqxg-xvcq-3v2f

VCID-jzve-9vvd-mued

Out-of-bounds Write OpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the function FillColorRow4 in utils.cpp when reading an image file by using cv::imread.

CVE-2017-12606
GHSA-vc29-rj92-gc7j

VCID-m3rr-ppwn-5kd8

Out-of-bounds Write OpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the FillUniColor function in utils.cpp when reading an image file by using cv::imread.

CVE-2017-12604
GHSA-c7gp-2pch-qh2v

VCID-mkrd-7czn-b3bz

Out-of-bounds Write OpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12597.

CVE-2017-14136
GHSA-634c-v2xv-ffpg

VCID-qz2a-2d4y-y7hq

Out-of-bounds Write OpenCV (Open Source Computer Vision Library) has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 2-opencv-heapoverflow-fseek test case.

CVE-2017-12603
GHSA-6v6p-p97v-g2p7

VCID-s11e-t19f-kfe4

Out-of-bounds Read OpenCV (Open Source Computer Vision Library) has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case.

CVE-2017-12598
GHSA-33h2-69j3-r336

VCID-syem-z8g2-n7h2

Out-of-bounds Write OpenCV (Open Source Computer Vision Library) has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread.

CVE-2017-12597
GHSA-8w3x-457r-wg53

VCID-ttbc-7ys4-wfdw

Integer Overflow or Wraparound In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv.

CVE-2017-12863
GHSA-wq8f-wvqp-xvvm

VCID-vtbm-x7bk-tqgv

Out-of-bounds Write In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv.

CVE-2017-12862
GHSA-5rpc-gwh9-q9fg

VCID-w461-q9h5-pfdg

Denial of Service in OpenCV OpenCV (Open Source Computer Vision Library) has a denial of service (memory consumption) issue, as demonstrated by the test case.

CVE-2017-12602
GHSA-pqjj-6f5q-gqph

VCID-yjsn-xjss-wqe3

Integer Overflow or Wraparound In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv.

CVE-2017-1000450
GHSA-m43c-649m-pm48

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:40:13.961448+00:00	GitLab Importer	Fixing	VCID-syem-z8g2-n7h2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-12597.yml	38.6.0
2026-06-02T04:40:13.574072+00:00	GitLab Importer	Fixing	VCID-vtbm-x7bk-tqgv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-12862.yml	38.6.0
2026-06-02T04:40:13.221381+00:00	GitLab Importer	Affected by	VCID-j87y-pgt8-xbat	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2018-5269.yml	38.6.0
2026-06-02T04:40:12.723574+00:00	GitLab Importer	Fixing	VCID-w461-q9h5-pfdg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-12602.yml	38.6.0
2026-06-02T04:40:12.676449+00:00	GitLab Importer	Fixing	VCID-jzve-9vvd-mued	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-12606.yml	38.6.0
2026-06-02T04:40:12.526844+00:00	GitLab Importer	Fixing	VCID-yjsn-xjss-wqe3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-1000450.yml	38.6.0
2026-06-02T04:40:12.475525+00:00	GitLab Importer	Fixing	VCID-22su-dw4m-pfe6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-12600.yml	38.6.0
2026-06-02T04:40:12.250504+00:00	GitLab Importer	Fixing	VCID-b7m4-s1rg-wqe7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-12599.yml	38.6.0
2026-06-02T04:40:11.925484+00:00	GitLab Importer	Fixing	VCID-2dwz-2v5y-4qeb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-12864.yml	38.6.0
2026-06-02T04:40:11.872147+00:00	GitLab Importer	Fixing	VCID-m3rr-ppwn-5kd8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-12604.yml	38.6.0
2026-06-02T04:40:11.828440+00:00	GitLab Importer	Fixing	VCID-dw95-fpkf-pfew	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2016-1517.yml	38.6.0
2026-06-02T04:40:11.790807+00:00	GitLab Importer	Fixing	VCID-4t6y-22xf-3ueq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-12601.yml	38.6.0
2026-06-02T04:40:11.562481+00:00	GitLab Importer	Affected by	VCID-8uwy-v2wq-n3cy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-18009.yml	38.6.0
2026-06-02T04:40:11.277290+00:00	GitLab Importer	Fixing	VCID-e6gy-hka8-9bae	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-12605.yml	38.6.0
2026-06-02T04:40:10.709394+00:00	GitLab Importer	Fixing	VCID-mkrd-7czn-b3bz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-14136.yml	38.6.0
2026-06-02T04:40:10.443480+00:00	GitLab Importer	Fixing	VCID-ttbc-7ys4-wfdw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-12863.yml	38.6.0
2026-06-02T04:40:10.278125+00:00	GitLab Importer	Affected by	VCID-7r2a-ega4-cbbh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-17760.yml	38.6.0
2026-06-02T04:40:10.047944+00:00	GitLab Importer	Affected by	VCID-yjd6-1et5-vqer	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2018-5268.yml	38.6.0
2026-06-02T04:40:09.510533+00:00	GitLab Importer	Fixing	VCID-1bk1-pc9v-ykgv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2016-1516.yml	38.6.0
2026-06-02T04:40:09.230484+00:00	GitLab Importer	Fixing	VCID-qz2a-2d4y-y7hq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-12603.yml	38.6.0
2026-06-02T04:40:08.978924+00:00	GitLab Importer	Fixing	VCID-s11e-t19f-kfe4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-12598.yml	38.6.0
2026-06-02T04:25:21.030285+00:00	Pypa Importer	Affected by	VCID-58aj-jc6y-dqcg	https://github.com/pypa/advisory-database/blob/main/vulns/opencv-contrib-python/PYSEC-2023-181.yaml	38.6.0