VDB

PYSEC-2023-181

PYSEC-2023-181 PUBLISHED

opencv-contrib-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-contrib-python v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2.

Affected Products

VendorProductVersions
PyPIopencv-contrib-python0, 3.1.0.0, 3.2.0.7

Timeline

  • Sep 29, 2023 CVE Updated
  • Sep 29, 2023 CVE Published
  • Oct 5, 2023 PoC Published
  • Apr 28, 2025 PoC Published
  • Mar 7, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›