VulnerableCode Package Details - pkg:pypi/opencv-contrib-python@3.4.1.15

Search for packages

Vulnerability	Summary	Fixed by
VCID-58aj-jc6y-dqcg Aliases: PYSEC-2023-181	opencv-contrib-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-contrib-python v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2.	4.8.1.78 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-58aj-jc6y-dqcg
Aliases:
PYSEC-2023-181

opencv-contrib-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-contrib-python v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2.

4.8.1.78
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-8uwy-v2wq-n3cy	Out-of-bounds Read In OpenCV, a heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt_hdr.cpp.	CVE-2017-18009 GHSA-83rh-hx5x-q9p5
VCID-j87y-pgt8-xbat	Reachable Assertion In OpenCV, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast.	CVE-2018-5269 GHSA-89rj-5ggj-3p9p
VCID-yjd6-1et5-vqer	Out-of-bounds Write In OpenCV, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmt_jpeg2000.cpp when parsing a crafted image file.	CVE-2018-5268 GHSA-9g8h-pjm4-q92p

Vulnerability

Summary

Aliases

VCID-8uwy-v2wq-n3cy

Out-of-bounds Read In OpenCV, a heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt_hdr.cpp.

CVE-2017-18009
GHSA-83rh-hx5x-q9p5

VCID-j87y-pgt8-xbat

Reachable Assertion In OpenCV, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast.

CVE-2018-5269
GHSA-89rj-5ggj-3p9p

VCID-yjd6-1et5-vqer

Out-of-bounds Write In OpenCV, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmt_jpeg2000.cpp when parsing a crafted image file.

CVE-2018-5268
GHSA-9g8h-pjm4-q92p

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:40:13.225360+00:00	GitLab Importer	Fixing	VCID-j87y-pgt8-xbat	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2018-5269.yml	38.6.0
2026-06-02T04:40:11.566437+00:00	GitLab Importer	Fixing	VCID-8uwy-v2wq-n3cy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2017-18009.yml	38.6.0
2026-06-02T04:40:10.051780+00:00	GitLab Importer	Fixing	VCID-yjd6-1et5-vqer	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2018-5268.yml	38.6.0
2026-06-02T04:25:21.043819+00:00	Pypa Importer	Affected by	VCID-58aj-jc6y-dqcg	https://github.com/pypa/advisory-database/blob/main/vulns/opencv-contrib-python/PYSEC-2023-181.yaml	38.6.0