TheRedHatter

Snyk has created this PR to fix 8 vulnerabilities in the pip dependencies of this project.

Snyk changed the following file(s):

  • samples/dnn/dnn_model_runner/dnn_conversion/requirements.txt
⚠️ Warning
yarl 1.9.4 requires idna, which is not installed.
starlette 0.27.0 requires anyio, which is not installed.
scikit-learn 1.0.2 requires numpy, which is not installed.
scikit-learn 1.0.2 requires scipy, which is not installed.
pydantic 2.5.3 requires importlib-metadata, which is not installed.
prettytable 3.7.0 requires importlib-metadata, which is not installed.
paddleseg 2.8.0 requires visualdl, which is not installed.
paddleseg 2.8.0 requires pyyaml, which is not installed.
paddleseg 2.8.0 requires scipy, which is not installed.
paddleseg 2.8.0 requires opencv-python, which is not installed.
paddleseg 2.8.0 requires filelock, which is not installed.
paddlenlp 2.8.1 requires dill, which is not installed.
paddlenlp 2.8.1 requires datasets, which is not installed.
paddlenlp 2.8.1 requires jinja2, which is not installed.
paddlenlp 2.8.1 requires safetensors, which is not installed.
paddlenlp 2.8.1 requires jieba, which is not installed.
paddlenlp 2.8.1 requires seqeval, which is not installed.
paddlenlp 2.8.1 requires rich, which is not installed.
paddlenlp 2.8.1 requires huggingface-hub, which is not installed.
paddlenlp 2.8.1 requires tool-helpers, which is not installed.
paddlenlp 2.8.1 requires colorama, which is not installed.
paddlenlp 2.8.1 requires protobuf, which is not installed.
paddlenlp 2.8.1 requires uvicorn, which is not installed.
paddlenlp 2.8.1 requires visualdl, which is not installed.
paddlenlp 2.8.1 requires onnx, which is not installed.
paddlenlp 2.8.1 requires Flask-Babel, which is not installed.
paddlenlp 2.8.1 requires typer, which is not installed.
paddlefsl 1.1.0 requires numpy, which is not installed.
paddlefsl 1.1.0 requires requests, which is not installed.
paddle2onnx 0.9.5 requires six, which is not installed.
paddle2onnx 0.9.5 requires protobuf, which is not installed.
paddle2onnx 0.9.5 requires onnx, which is not installed.
multiprocess 0.70.12.2 requires dill, which is not installed.
fastapi 0.103.2 requires anyio, which is not installed.
attrs 24.2.0 requires importlib-metadata, which is not installed.
aistudio-sdk 0.3.3 requires bce-python-sdk, which is not installed.
aistudio-sdk 0.3.3 requires requests, which is not installed.
aistudio-sdk 0.3.3 requires click, which is not installed.
aiohttp 3.8.6 requires charset-normalizer, which is not installed.

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.


TheRedHatter commented Jun 28, 2025

Snyk checks have failed. 1 issues have been found so far.

Severity Issues
Critical 0
High 0
Medium 1
Low 0

security/snyk check is complete. No issues have been found. (View Details)

license/snyk check is complete. 1 issues have been found. (View Details)


@TheRedHatter

Checkmarx One – Scan Summary & Details
5182a3e9-c100-4420-b53c-aa336517d079

New Issues (268)

Checkmarx found the following issues in this Pull Request

Severity Issue Source File / Package Checkmarx Insight
CRITICAL Buffer_Improper_Index_Access /modules/imgcodecs/src/rgbe.cpp: 350
The array index buffer at /modules/imgcodecs/src/rgbe.cpp in line 350 is used to reference an index of a cell of the array buffer at /modules/imgc...
ID: qKSNsZ2uGJUCntEXLZgN%2FG0ED60%3D
CRITICAL Buffer_Improper_Index_Access /modules/dnn/perf/perf_convolution3d.cpp: 97
The array index testConvolution3DConfigs at /modules/dnn/perf/perf_convolution3d.cpp in line 97 is used to reference an index of a cell of the ar...
ID: S0K76Wwu0ij4w4yQCsqQMW2ImzU%3D
CRITICAL Buffer_Improper_Index_Access /modules/photo/src/arrays.hpp: 178
The array index steps at /modules/photo/src/arrays.hpp in line 178 is used to reference an index of a cell of the array steps at /modules/photo/sr...
ID: xtufRmWcos7eFUMM%2BjVElpiQdP0%3D
CRITICAL Buffer_Improper_Index_Access /modules/imgproc/src/rotcalipers.cpp: 346
The array index out at /modules/imgproc/src/rotcalipers.cpp in line 346 is used to reference an index of a cell of the array out at /modules/imgpr...
ID: NLy%2FjQ6GLsNQEmbdtwhEA06SKGc%3D
CRITICAL Buffer_Improper_Index_Access /modules/imgcodecs/src/rgbe.cpp: 352
The array index buffer at /modules/imgcodecs/src/rgbe.cpp in line 352 is used to reference an index of a cell of the array buffer at /modules/imgc...
ID: RPrWMmwhUbgh7HHJ13%2B2zu%2F%2BZzc%3D
CRITICAL Buffer_Improper_Index_Access /modules/imgproc/src/rotcalipers.cpp: 345
The array index out at /modules/imgproc/src/rotcalipers.cpp in line 345 is used to reference an index of a cell of the array out at /modules/imgpr...
ID: 7aTJHUy%2BleZGEV61b5dky84bEhM%3D
CRITICAL Buffer_Improper_Index_Access /modules/imgcodecs/src/rgbe.cpp: 351
The array index buffer at /modules/imgcodecs/src/rgbe.cpp in line 351 is used to reference an index of a cell of the array buffer at /modules/imgc...
ID: dVJn08bDKqpJ0qI%2B%2BN3q34OiGII%3D
CRITICAL Buffer_Improper_Index_Access /modules/core/src/sum.simd.hpp: 446
The array index sumTab at /modules/core/src/sum.simd.hpp in line 446 is used to reference an index of a cell of the array sumTab at /modules/core...
ID: AfdKZ3HXCfa%2FJe3YgLh6aTMDY20%3D
CRITICAL Buffer_Improper_Index_Access /modules/core/src/count_non_zero.simd.hpp: 213
The array index countNonZeroTab at /modules/core/src/count_non_zero.simd.hpp in line 213 is used to reference an index of a cell of the array c...
ID: 7S9kfSrT95zGxHEwo28rgiPcTGk%3D
CRITICAL Buffer_Improper_Index_Access /modules/core/src/channels.cpp: 89
The array index mixchTab at /modules/core/src/channels.cpp in line 89 is used to reference an index of a cell of the array mixchTab at /modules/co...
ID: %2BtDEnuo0gDYlvsPhBGxVQDRxz0Q%3D
CRITICAL Buffer_Improper_Index_Access /modules/core/src/check.cpp: 47
The array index depthNames at /modules/core/src/check.cpp in line 47 is used to reference an index of a cell of the array depthNames at /modules/c...
ID: 5A2v1BAnaHMqpDMEmixQ2NBsuRc%3D
CRITICAL Buffer_Improper_Index_Access /modules/core/src/mean.simd.hpp: 320
The array index sumSqrTab at /modules/core/src/mean.simd.hpp in line 320 is used to reference an index of a cell of the array sumSqrTab at /modul...
ID: NAX3IMvQBCPs94V2PQXsL7AJ9Rg%3D
CRITICAL Buffer_Improper_Index_Access /modules/core/src/convert_scale.simd.hpp: 309
The array index cvtScaleAbsTab at /modules/core/src/convert_scale.simd.hpp in line 309 is used to reference an index of a cell of the array cvtS...
ID: nXPPMAYIJxAr2%2FvI%2BNpfACJdfNk%3D
CRITICAL Buffer_Improper_Index_Access /modules/dnn/perf/perf_convolution1d.cpp: 76
The array index testConvolution1DConfigs at /modules/dnn/perf/perf_convolution1d.cpp in line 76 is used to reference an index of a cell of the ar...
ID: f7PIG44nKAubZI1aStuL%2Bb2VnOc%3D
CRITICAL Buffer_Improper_Index_Access /apps/traincascade/HOGfeatures.h: 69
The array index fastRect at /apps/traincascade/HOGfeatures.h in line 69 is used to reference an index of a cell of the array fastRect at /apps/tra...
ID: 0kf%2BKhiwhim8HCZMALbMSq3%2BAHM%3D
CRITICAL Buffer_Improper_Index_Access /apps/traincascade/HOGfeatures.h: 69
The array index fastRect at /apps/traincascade/HOGfeatures.h in line 69 is used to reference an index of a cell of the array fastRect at /apps/tra...
ID: 3u%2F3CccQ0DljDfmp3T%2BXlNmuhcw%3D
CRITICAL Buffer_Improper_Index_Access /3rdparty/openjpeg/openjp2/mct.c: 430
The array index lCurrentData at /3rdparty/openjpeg/openjp2/mct.c in line 430 is used to reference an index of a cell of the array lCurrentData at ...
ID: Rj4sK%2BrBrPAf4CRKUhqlyFCBCm0%3D
CRITICAL Buffer_Improper_Index_Access /3rdparty/openjpeg/openjp2/mct.c: 433
The array index lCurrentResult at /3rdparty/openjpeg/openjp2/mct.c in line 433 is used to reference an index of a cell of the array lCurrentResult...
ID: QoEIO7guGbD4rtpU92leHrv6RaM%3D
CRITICAL Buffer_Improper_Index_Access /3rdparty/zlib/zutil.c: 138
The array index z_errmsg at /3rdparty/zlib/zutil.c in line 138 is used to reference an index of a cell of the array z_errmsg at /3rdparty/zlib/z...
ID: PSMlx2eO8D8Z2S%2BFhQDgRnMpFxw%3D
CRITICAL Buffer_Improper_Index_Access /apps/traincascade/HOGfeatures.h: 69
The array index fastRect at /apps/traincascade/HOGfeatures.h in line 69 is used to reference an index of a cell of the array fastRect at /apps/tra...
ID: S%2F6HtAGsoQkqtJqoFpW14fI3tpg%3D
CRITICAL Buffer_Improper_Index_Access /apps/traincascade/HOGfeatures.h: 69
The array index fastRect at /apps/traincascade/HOGfeatures.h in line 69 is used to reference an index of a cell of the array fastRect at /apps/tra...
ID: FOrSAxajuOizOIK%2FFK5mDdZcrhM%3D
CRITICAL Buffer_Improper_Index_Access /3rdparty/openjpeg/openjp2/mct.c: 378
The array index lCurrentMatrix at /3rdparty/openjpeg/openjp2/mct.c in line 378 is used to reference an index of a cell of the array lCurrentMatrix...
ID: p%2BjVsS3CFlDW9pzSR1WIFReBbpc%3D
CRITICAL Buffer_Improper_Index_Access /3rdparty/libwebp/src/enc/cost_enc.h: 60
The array index VP8EntropyCost at /3rdparty/libwebp/src/enc/cost_enc.h in line 60 is used to reference an index of a cell of the array VP8Entropy...
ID: g%2BN5p8y5V2CpEUgaLiNFGJBDVjE%3D
CRITICAL Buffer_Improper_Index_Access /3rdparty/flatbuffers/include/flatbuffers/struct.h: 39
The array index data_ at /3rdparty/flatbuffers/include/flatbuffers/struct.h in line 39 is used to reference an index of a cell of the array data...
ID: 02zgDHkid8qe8%2Bm2vLsD4DOq3Ak%3D
CRITICAL Buffer_Improper_Index_Access /3rdparty/flatbuffers/include/flatbuffers/struct.h: 38
The array index data_ at /3rdparty/flatbuffers/include/flatbuffers/struct.h in line 38 is used to reference an index of a cell of the array data...
ID: ehyh2Vpdm6thWcZPMyA5kg0FLgY%3D
CRITICAL Buffer_Improper_Index_Access /3rdparty/openjpeg/openjp2/mct.c: 384
The array index lCurrentData at /3rdparty/openjpeg/openjp2/mct.c in line 384 is used to reference an index of a cell of the array lCurrentData at ...
ID: XwpBL1l9ezjUzvjKJgl08HTE8pc%3D
CRITICAL Buffer_Improper_Index_Access /3rdparty/libwebp/src/enc/cost_enc.h: 60
The array index VP8EntropyCost at /3rdparty/libwebp/src/enc/cost_enc.h in line 60 is used to reference an index of a cell of the array VP8Entropy...
ID: WH20aS6n%2FIb9JCAEx5l95HpjSu4%3D
CRITICAL Buffer_Improper_Index_Access /3rdparty/flatbuffers/include/flatbuffers/struct.h: 31
The array index data_ at /3rdparty/flatbuffers/include/flatbuffers/struct.h in line 31 is used to reference an index of a cell of the array data...
ID: WUAlp6FTsikMLwMc%2B7or%2BLSbvhw%3D
CRITICAL Buffer_Improper_Index_Access /3rdparty/flatbuffers/include/flatbuffers/struct.h: 35
The array index data_ at /3rdparty/flatbuffers/include/flatbuffers/struct.h in line 35 is used to reference an index of a cell of the array data...
ID: Dost4t9dYt3Y6hNxTNCgj5KwMKo%3D
CRITICAL Buffer_Improper_Index_Access /modules/core/src/split.dispatch.cpp: 64
The array index splitTab at /modules/core/src/split.dispatch.cpp in line 64 is used to reference an index of a cell of the array splitTab at /mod...
ID: H9jKHHrMtvSJVfQCsJ16o2Hayuc%3D
HIGH CVE-2025-5958 Npm-electron-15.5.7
Recommended version: 35.6.0
Description: Use After Free in Media in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTM...
Attack Vector: NETWORK
Attack Complexity: LOW

ID: %2F%2FhTC4QfyVtw6nkkYkgNtyctyF6%2BcIVpgRrged33To0%3D
HIGH CVE-2025-5959 Npm-electron-15.5.7
Recommended version: 35.6.0
Description: Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HT...
Attack Vector: NETWORK
Attack Complexity: LOW

ID: H%2BmCGYw9Jv0aBUtAYwwQplwKqfFKV2pI8be92gX%2B%2Fhg%3D
HIGH CVE-2025-6191 Npm-electron-15.5.7
Recommended version: 37.0.0
Description: Integer Overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially perform out-of-bounds memory access via a ...
Attack Vector: NETWORK
Attack Complexity: LOW

ID: K029lLn%2FwYTuVucKZ%2FLlBz%2FBr0RVhTZridL%2Bu9SmSJw%3D
HIGH CVE-2025-6192 Npm-electron-15.5.7
Recommended version: 35.6.0
Description: Use After Free in Metrics in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially exploit heap corruption via a crafted H...
Attack Vector: NETWORK
Attack Complexity: LOW

ID: 5jYjt2pZfKSV9naW3ko%2FY4bVnQsl9tBREzQMXCP4Jto%3D
HIGH Missing User Instruction /Dockerfile: 1
A user should be specified in the dockerfile, otherwise the image will run as root
ID: JekoxyNKzToFhQE9CP4KJMp397A%3D

More results are available on the CxOne platform

Fixed Issues (24)
Great job! The following issues were fixed in this Pull Request

Severity Issue Source File / Package
HIGH CVE-2024-10648 Python-gradio-5.31.0
HIGH CVE-2024-48052 Python-gradio-5.31.0
HIGH CVE-2025-0187 Python-gradio-5.31.0
MEDIUM CVE-2024-4940 Python-gradio-5.31.0
MEDIUM CVE-2024-8021 Python-gradio-5.31.0
MEDIUM CVE-2025-3136 Python-torch-2.7.0
MEDIUM Divide_By_Zero /3rdparty/libwebp/src/enc/picture_psnr_enc.c: 128
MEDIUM Divide_By_Zero /modules/dnn/src/cuda/execution.hpp: 51
MEDIUM Divide_By_Zero /3rdparty/libtiff/tif_strip.c: 277
MEDIUM Divide_By_Zero /3rdparty/libtiff/tif_strip.c: 309
MEDIUM Divide_By_Zero /3rdparty/libtiff/tif_strip.c: 287
MEDIUM Divide_By_Zero /3rdparty/libwebp/src/utils/huffman_encode_utils.c: 72
MEDIUM Divide_By_Zero /3rdparty/libwebp/src/utils/huffman_encode_utils.c: 96
MEDIUM Divide_By_Zero /3rdparty/libwebp/src/utils/huffman_encode_utils.c: 72
MEDIUM Divide_By_Zero /3rdparty/libwebp/src/utils/huffman_encode_utils.c: 96
MEDIUM Divide_By_Zero /3rdparty/openexr/IlmImf/ImfRgbaYca.cpp: 413
MEDIUM Divide_By_Zero /modules/flann/include/opencv2/flann/index_testing.h: 109
MEDIUM Divide_By_Zero /modules/features2d/src/kaze/fed.cpp: 75
MEDIUM Divide_By_Zero /modules/core/include/opencv2/core/cuda/filters.hpp: 165
MEDIUM Divide_By_Zero /3rdparty/libwebp/src/utils/huffman_utils.c: 56
MEDIUM Divide_By_Zero /modules/calib3d/src/posit.cpp: 120
MEDIUM Divide_By_Zero /modules/calib3d/src/posit.cpp: 307
MEDIUM Divide_By_Zero /3rdparty/carotene/src/sum.cpp: 303
MEDIUM Divide_By_Zero /modules/calib3d/src/posit.cpp: 142
