opencv-python
pip-audit fails with 2 vulnerabilities (GHSA-m6vm-8g8v-xfjh and GHSA-8849-5h85-98qw)
Expected behaviour
When I ran
$ pip-audit -r /path/to/requirements.txt
where the requirements.txt has a dependency on the latest version of opencv-python (opencv-python==4.7.0.72), no error is supposed to happen.
Actual behaviour
The following two errors are raised.
Name          Version  ID                  Fix Versions
------------- -------- ------------------- ------------
opencv-python 4.7.0.72 GHSA-m6vm-8g8v-xfjh
opencv-python 4.7.0.72 GHSA-8849-5h85-98qw
Steps to reproduce
$ mkdir tempdir
$ cd tempdir
$ echo "opencv-python==4.7.0.72" > requirements.txt
$ pip install pip-audit==2.5.3
$ pip-audit -r requirements.txt
Found 2 known vulnerabilities in 1 package
Name          Version  ID                  Fix Versions
------------- -------- ------------------- ------------
opencv-python 4.7.0.72 GHSA-m6vm-8g8v-xfjh
opencv-python 4.7.0.72 GHSA-8849-5h85-98qw
My environment:
$ python --version
Python 3.9.16
Issue submission checklist
- [x] This is not a generic OpenCV usage question (looking for help for coding, other usage questions, homework etc.)
- [x] I have read the README of this repository and understand that this repository provides only an automated build toolchain for OpenCV Python packages (there is no actual OpenCV code here)
- [ ] The issue is related to the build scripts in this repository, to the pre-built binaries or is a feature request (such as "please enable this additional dependency")
- [x] I'm using the latest version of opencv-python
These issues are in the upstream C++ repo, and cannot be fixed here.
I understood. Thank you!
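
Added example, not part of the thread and not code from pip-audit or opencv-python: both findings in the report above have an empty Fix Versions column, so no version pin clears them. The sketch below parses that columnar report and separates findings an upgrade can fix from those that need a reviewed exception; the function names and the accepted-ID set are assumptions, and `--ignore-vuln` is pip-audit's option for skipping a given ID.

```python
import re

# Constructed sample: the report printed in the issue, with column alignment restored.
SAMPLE_REPORT = (
    "Name          Version  ID                  Fix Versions\n"
    "------------- -------- ------------------- ------------\n"
    "opencv-python 4.7.0.72 GHSA-m6vm-8g8v-xfjh\n"
    "opencv-python 4.7.0.72 GHSA-8849-5h85-98qw\n"
)

RULE = re.compile(r"-+(?: -+)+")  # the dashed line under the header


def parse_report(text):
    """Turn the columnar report into a list of dicts keyed by header name."""
    lines = [ln.rstrip() for ln in text.splitlines() if ln.strip()]
    idx = next((i for i, ln in enumerate(lines) if RULE.fullmatch(ln)), None)
    if idx is None or idx == 0:
        raise ValueError("no column rule found; expected pip-audit columnar output")
    # Column boundaries come from the dashed rule; the last column runs to end of line.
    starts = [m.start() for m in re.finditer(r"-+", lines[idx])]
    ends = starts[1:] + [None]

    def cells(line):
        return [line[a:b].strip() for a, b in zip(starts, ends)]

    header = cells(lines[idx - 1])
    return [dict(zip(header, cells(row))) for row in lines[idx + 1:]]


def triage(findings, accepted_ids=frozenset()):
    """Bucket findings: fixable by upgrade, reviewed exception, or still unreviewed."""
    out = {"upgrade": [], "accepted": [], "unreviewed": []}
    for f in findings:
        if f.get("Fix Versions"):
            out["upgrade"].append(f)      # a fixed release exists: bump the pin
        elif f["ID"] in accepted_ids:
            out["accepted"].append(f)     # no fix, risk reviewed and recorded
        else:
            out["unreviewed"].append(f)   # no fix, nobody has looked yet
    return out


def ignore_args(result):
    """Build --ignore-vuln arguments for reviewed exceptions only."""
    return [arg for f in result["accepted"] for arg in ("--ignore-vuln", f["ID"])]


if __name__ == "__main__":
    result = triage(parse_report(SAMPLE_REPORT))
    for bucket, items in result.items():
        print(bucket, [f["ID"] for f in items])
```

With nothing in the accepted set, both advisories land in `unreviewed`, which is the state the CI run in the issue was in.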