OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code. This issue was fixed in OpenCV version 3.3.1 (corresponding to OpenCV-Python and and OpenCV-Contrib-Python 3.3.1.11).
{ "last_known_affected_version_range": "<= 3.3.0.10" }