GHSA-cvhw-2593-5j2q

Source
https://github.com/advisories/GHSA-cvhw-2593-5j2q
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/10/GHSA-cvhw-2593-5j2q/GHSA-cvhw-2593-5j2q.json
Aliases
Published
2021-10-12T22:00:08Z
Modified
2023-11-08T03:58:22.873468Z
Summary
Double Free in OpenCV
Details

OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code. This issue was fixed in OpenCV version 3.3.1 (corresponding to OpenCV-Python and and OpenCV-Contrib-Python 3.3.1.11).

References

Affected packages

PyPI / opencv-python

Package

Name
opencv-python

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
3.3.1.11

Affected versions

3.*

3.1.0
3.1.0.0
3.1.0.1
3.1.0.2
3.1.0.3
3.1.0.4
3.1.0.5
3.2.0.6
3.2.0.7
3.2.0.8
3.3.0.9
3.3.0.10

Database specific 

{
    "last_known_affected_version_range": "<= 3.3.0.10"
}

PyPI / opencv-contrib-python

Package

Name
opencv-contrib-python

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
3.3.1.11

Affected versions

3.*

3.1.0.0
3.2.0.7
3.2.0.8
3.3.0.9
3.3.0.10

Database specific 

{
    "last_known_affected_version_range": "<= 3.3.0.10"
}