Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Numpy
(Numpy)| Repositories | https://github.com/numpy/numpy |
| #Vulnerabilities | 8 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-12-17 | CVE-2021-34141 | An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless." | Numpy, Communications_cloud_native_core_policy | 5.3 | ||
| 2017-08-15 | CVE-2017-12852 | The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack. | Numpy | 7.5 | ||
| 2018-01-08 | CVE-2014-1859 | (1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file. | Fedora, Numpy, Enterprise_linux | 5.5 | ||
| 2018-01-08 | CVE-2014-1858 | __init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file. | Numpy | 5.5 |