VulnerableCode Package Details - pkg:pypi/opencv-contrib-python@4.1.1.26

Search for packages

Vulnerability	Summary	Fixed by
VCID-58aj-jc6y-dqcg Aliases: PYSEC-2023-181	opencv-contrib-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-contrib-python v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2.	4.8.1.78 Affected by 0 other vulnerabilities.
VCID-h7gk-61kp-8ygz Aliases: CVE-2019-16249 GHSA-x3rm-644h-67m8	Out-of-bounds Read OpenCV has an out-of-bounds read in hal_baseline::v_load in core/hal/intrin_sse.hpp when called from computeSSDMeanNorm in modules/video/src/dis_flow.cpp.	4.1.2.30 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-kxqz-tbvz-gfcs Aliases: CVE-2019-9423 GHSA-8849-5h85-98qw	Out-of-bounds Write In opencv calls that use libpng, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android ID: A-110986616	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-58aj-jc6y-dqcg
Aliases:
PYSEC-2023-181

opencv-contrib-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-contrib-python v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2.

4.8.1.78
Affected by 0 other vulnerabilities.

VCID-h7gk-61kp-8ygz
Aliases:
CVE-2019-16249
GHSA-x3rm-644h-67m8

Out-of-bounds Read OpenCV has an out-of-bounds read in hal_baseline::v_load in core/hal/intrin_sse.hpp when called from computeSSDMeanNorm in modules/video/src/dis_flow.cpp.

4.1.2.30
Affected by 2 other vulnerabilities.

VCID-kxqz-tbvz-gfcs
Aliases:
CVE-2019-9423
GHSA-8849-5h85-98qw

Out-of-bounds Write In opencv calls that use libpng, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android ID: A-110986616

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
VCID-1qhy-7pnz-aqga	Out-of-bounds Write An issue was discovered in OpenCV There is an out-of-bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.	CVE-2019-14492 GHSA-fw99-f933-rgh8
VCID-21n5-7ukh-gyfr	NULL Pointer Dereference An issue was discovered in OpenCV There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp.	CVE-2019-14493 GHSA-3448-vrgh-85xr
VCID-3zc6-3229-wfcc	Divide By Zero An issue was discovered in OpenCV There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.	CVE-2019-15939 GHSA-hxfw-jm98-v4mq
VCID-dv7w-p358-1qda	Out-of-bounds Read An issue was discovered in OpenCV There is an out-of-bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.	CVE-2019-14491 GHSA-fm39-cw8h-3p63

Vulnerability

Summary

Aliases

VCID-1qhy-7pnz-aqga

Out-of-bounds Write An issue was discovered in OpenCV There is an out-of-bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.

CVE-2019-14492
GHSA-fw99-f933-rgh8

VCID-21n5-7ukh-gyfr

NULL Pointer Dereference An issue was discovered in OpenCV There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp.

CVE-2019-14493
GHSA-3448-vrgh-85xr

VCID-3zc6-3229-wfcc

Divide By Zero An issue was discovered in OpenCV There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.

CVE-2019-15939
GHSA-hxfw-jm98-v4mq

VCID-dv7w-p358-1qda

Out-of-bounds Read An issue was discovered in OpenCV There is an out-of-bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.

CVE-2019-14491
GHSA-fm39-cw8h-3p63

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:40:12.142191+00:00	GitLab Importer	Fixing	VCID-1qhy-7pnz-aqga	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2019-14492.yml	38.6.0
2026-06-02T04:40:10.873715+00:00	GitLab Importer	Fixing	VCID-3zc6-3229-wfcc	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2019-15939.yml	38.6.0
2026-06-02T04:40:10.586151+00:00	GitLab Importer	Affected by	VCID-h7gk-61kp-8ygz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2019-16249.yml	38.6.0
2026-06-02T04:40:10.125845+00:00	GitLab Importer	Fixing	VCID-dv7w-p358-1qda	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2019-14491.yml	38.6.0
2026-06-02T04:40:09.619809+00:00	GitLab Importer	Affected by	VCID-kxqz-tbvz-gfcs	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2019-9423.yml	38.6.0
2026-06-02T04:40:08.915432+00:00	GitLab Importer	Fixing	VCID-21n5-7ukh-gyfr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-contrib-python/CVE-2019-14493.yml	38.6.0
2026-06-02T04:25:21.179762+00:00	Pypa Importer	Affected by	VCID-58aj-jc6y-dqcg	https://github.com/pypa/advisory-database/blob/main/vulns/opencv-contrib-python/PYSEC-2023-181.yaml	38.6.0