Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/opencv-contrib-python@4.1.2.30
Typepypi
Namespace
Nameopencv-contrib-python
Version4.1.2.30
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.8.1.78
Latest_non_vulnerable_version4.8.1.78
Affected_by_vulnerabilities
0
url VCID-58aj-jc6y-dqcg
vulnerability_id VCID-58aj-jc6y-dqcg
summary opencv-contrib-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-contrib-python v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2.
references
0
reference_url https://github.com/opencv/opencv/pull/24274
reference_id
reference_type
scores
url https://github.com/opencv/opencv/pull/24274
1
reference_url https://github.com/opencv/opencv/wiki/ChangeLog#version481
reference_id
reference_type
scores
url https://github.com/opencv/opencv/wiki/ChangeLog#version481
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-4863
reference_id
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-4863
fixed_packages
0
url pkg:pypi/opencv-contrib-python@4.8.1.78
purl pkg:pypi/opencv-contrib-python@4.8.1.78
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python@4.8.1.78
aliases PYSEC-2023-181
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-58aj-jc6y-dqcg
1
url VCID-jypn-sttp-tkgm
vulnerability_id VCID-jypn-sttp-tkgm
summary 
Out-of-bounds Write
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability.
references
0
reference_url https://github.com/opencv/opencv/issues/15857
reference_id
reference_type
scores
url https://github.com/opencv/opencv/issues/15857
1
reference_url https://github.com/opencv/opencv-python/releases/tag/32
reference_id
reference_type
scores
url https://github.com/opencv/opencv-python/releases/tag/32
2
reference_url https://github.com/opencv/opencv/releases/tag/4.2.0
reference_id
reference_type
scores
url https://github.com/opencv/opencv/releases/tag/4.2.0
3
reference_url https://talosintelligence.com/vulnerability_reports/TALOS-2019-0853
reference_id
reference_type
scores
url https://talosintelligence.com/vulnerability_reports/TALOS-2019-0853
4
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuApr2021.html
5
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
url https://www.oracle.com//security-alerts/cpujul2021.html
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-5064
reference_id CVE-2019-5064
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-5064
7
reference_url https://github.com/advisories/GHSA-q799-q27x-vp7w
reference_id GHSA-q799-q27x-vp7w
reference_type
scores
url https://github.com/advisories/GHSA-q799-q27x-vp7w
fixed_packages
0
url pkg:pypi/opencv-contrib-python@4.2.0.32
purl pkg:pypi/opencv-contrib-python@4.2.0.32
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-58aj-jc6y-dqcg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python@4.2.0.32
aliases CVE-2019-5064, GHSA-q799-q27x-vp7w
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jypn-sttp-tkgm
Fixing_vulnerabilities
0
url VCID-h7gk-61kp-8ygz
vulnerability_id VCID-h7gk-61kp-8ygz
summary 
Out-of-bounds Read
OpenCV has an out-of-bounds read in hal_baseline::v_load in core/hal/intrin_sse.hpp when called from computeSSDMeanNorm in modules/video/src/dis_flow.cpp.
references
0
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1752702
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1752702
1
reference_url https://github.com/opencv/opencv/issues/15481
reference_id
reference_type
scores
url https://github.com/opencv/opencv/issues/15481
2
reference_url https://github.com/opencv/opencv/pull/15531
reference_id
reference_type
scores
url https://github.com/opencv/opencv/pull/15531
3
reference_url https://github.com/opencv/opencv-python/releases/tag/30
reference_id
reference_type
scores
url https://github.com/opencv/opencv-python/releases/tag/30
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-16249
reference_id CVE-2019-16249
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-16249
5
reference_url https://github.com/advisories/GHSA-x3rm-644h-67m8
reference_id GHSA-x3rm-644h-67m8
reference_type
scores
url https://github.com/advisories/GHSA-x3rm-644h-67m8
fixed_packages
0
url pkg:pypi/opencv-contrib-python@4.1.2.30
purl pkg:pypi/opencv-contrib-python@4.1.2.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-58aj-jc6y-dqcg
1
vulnerability VCID-jypn-sttp-tkgm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python@4.1.2.30
aliases CVE-2019-16249, GHSA-x3rm-644h-67m8
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h7gk-61kp-8ygz
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python@4.1.2.30