VulnerableCode Package Details - pkg:pypi/opencv-python@4.2.0.32

Search for packages

Vulnerability	Summary	Fixed by
VCID-4emq-jp96-xubx Aliases: GHSA-qr4w-53vh-m672	opencv-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863	4.8.1.78 Affected by 0 other vulnerabilities.
VCID-4sam-7au7-kyda Aliases: PYSEC-2023-183	opencv-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-python v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2.	4.8.1.78 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-4emq-jp96-xubx
Aliases:
GHSA-qr4w-53vh-m672

opencv-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863

4.8.1.78
Affected by 0 other vulnerabilities.

VCID-4sam-7au7-kyda
Aliases:
PYSEC-2023-183

opencv-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-python v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2.

4.8.1.78
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-jr8q-eaze-8yff	An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability.	CVE-2019-5064 GHSA-q799-q27x-vp7w

Vulnerability

Summary

Aliases

VCID-jr8q-eaze-8yff

An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability.

CVE-2019-5064
GHSA-q799-q27x-vp7w

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T06:24:42.397387+00:00	GHSA Importer	Fixing	VCID-jr8q-eaze-8yff	https://github.com/advisories/GHSA-q799-q27x-vp7w	38.6.0
2026-06-12T19:38:25.688505+00:00	GitLab Importer	Affected by	VCID-4emq-jp96-xubx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-python/GHSA-qr4w-53vh-m672.yml	38.6.0
2026-06-12T15:42:32.578751+00:00	GitLab Importer	Fixing	VCID-jr8q-eaze-8yff	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/opencv-python/CVE-2019-5064.yml	38.6.0
2026-06-12T08:02:48.041403+00:00	GithubOSV Importer	Fixing	VCID-jr8q-eaze-8yff	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/10/GHSA-q799-q27x-vp7w/GHSA-q799-q27x-vp7w.json	38.6.0
2026-06-12T04:22:33.858764+00:00	Pypa Importer	Affected by	VCID-4sam-7au7-kyda	https://github.com/pypa/advisory-database/blob/main/vulns/opencv-python/PYSEC-2023-183.yaml	38.6.0
2026-06-11T21:00:44.917521+00:00	PyPI Importer	Affected by	VCID-4sam-7au7-kyda	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0