VulnerableCode Package Details - pkg:pypi/opencv-contrib-python@4.1.0.25

Search for packages

Vulnerability	Summary	Fixed by
VCID-1qhy-7pnz-aqga Aliases: CVE-2019-14492 GHSA-fw99-f933-rgh8	Out-of-bounds Write An issue was discovered in OpenCV There is an out-of-bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.	4.1.1.26 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-21n5-7ukh-gyfr Aliases: CVE-2019-14493 GHSA-3448-vrgh-85xr	NULL Pointer Dereference An issue was discovered in OpenCV There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp.	4.1.1.26 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-25vm-cytf-bqb1 Aliases: CVE-2019-5063 GHSA-m6vm-8g8v-xfjh	Out-of-bounds Write An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a specially crafted file to trigger this vulnerability.	There are no reported fixed by versions.
VCID-3zc6-3229-wfcc Aliases: CVE-2019-15939 GHSA-hxfw-jm98-v4mq	Divide By Zero An issue was discovered in OpenCV There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.	4.1.1.26 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-58aj-jc6y-dqcg Aliases: PYSEC-2023-181	opencv-contrib-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-contrib-python v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2.	4.8.1.78 Affected by 0 other vulnerabilities.
VCID-dv7w-p358-1qda Aliases: CVE-2019-14491 GHSA-fm39-cw8h-3p63	Out-of-bounds Read An issue was discovered in OpenCV There is an out-of-bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.	4.1.1.26 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-1qhy-7pnz-aqga
Aliases:
CVE-2019-14492
GHSA-fw99-f933-rgh8

Out-of-bounds Write An issue was discovered in OpenCV There is an out-of-bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.

4.1.1.26
Affected by 3 other vulnerabilities.

VCID-21n5-7ukh-gyfr
Aliases:
CVE-2019-14493
GHSA-3448-vrgh-85xr

NULL Pointer Dereference An issue was discovered in OpenCV There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp.

4.1.1.26
Affected by 3 other vulnerabilities.

VCID-25vm-cytf-bqb1
Aliases:
CVE-2019-5063
GHSA-m6vm-8g8v-xfjh

Out-of-bounds Write An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a specially crafted file to trigger this vulnerability.

There are no reported fixed by versions.

VCID-3zc6-3229-wfcc
Aliases:
CVE-2019-15939
GHSA-hxfw-jm98-v4mq

Divide By Zero An issue was discovered in OpenCV There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.

4.1.1.26
Affected by 3 other vulnerabilities.

VCID-58aj-jc6y-dqcg
Aliases:
PYSEC-2023-181

opencv-contrib-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-contrib-python v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2.

4.8.1.78
Affected by 0 other vulnerabilities.

VCID-dv7w-p358-1qda
Aliases:
CVE-2019-14491
GHSA-fm39-cw8h-3p63

Out-of-bounds Read An issue was discovered in OpenCV There is an out-of-bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.

4.1.1.26
Affected by 3 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-fjy7-r2wm-n3b4	Out-of-bounds Read An out-of-bounds read was discovered in OpenCV Specifically, variable coarsest_scale is assumed to be greater than or equal to finest_scale within the calc()/ocl_calc() functions in dis_flow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds read of the heap-allocated arrays Ux and Uy.	CVE-2019-19624 GHSA-jggw-2q6g-c3m6

Vulnerability

Summary

Aliases

VCID-fjy7-r2wm-n3b4

Out-of-bounds Read An out-of-bounds read was discovered in OpenCV Specifically, variable coarsest_scale is assumed to be greater than or equal to finest_scale within the calc()/ocl_calc() functions in dis_flow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds read of the heap-allocated arrays Ux and Uy.

CVE-2019-19624
GHSA-jggw-2q6g-c3m6

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:40:12.126358+00:00	GitLab Importer	Affected by	VCID-1qhy-7pnz-aqga	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2019-14492.yml	38.6.0
2026-06-02T04:40:11.132293+00:00	GitLab Importer	Fixing	VCID-fjy7-r2wm-n3b4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2019-19624.yml	38.6.0
2026-06-02T04:40:10.869863+00:00	GitLab Importer	Affected by	VCID-3zc6-3229-wfcc	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2019-15939.yml	38.6.0
2026-06-02T04:40:10.198787+00:00	GitLab Importer	Affected by	VCID-25vm-cytf-bqb1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2019-5063.yml	38.6.0
2026-06-02T04:40:10.108560+00:00	GitLab Importer	Affected by	VCID-dv7w-p358-1qda	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2019-14491.yml	38.6.0
2026-06-02T04:40:08.911511+00:00	GitLab Importer	Affected by	VCID-21n5-7ukh-gyfr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2019-14493.yml	38.6.0
2026-06-02T04:25:21.175233+00:00	Pypa Importer	Affected by	VCID-58aj-jc6y-dqcg	https://github.com/pypa/advisory-database/blob/main/vulns/opencv-contrib-python/PYSEC-2023-181.yaml	38.6.0