PyPI package
scipy
pkg:pypi/scipy
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-29824 | — | < 1.8.0 | 1.8.0 | Jul 6, 2023 | A use-after-free issue was discovered in Py_FindObjects() function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue. | ||
| CVE-2023-25399 | — | < 1.10.0 | 1.10.0 | Jul 5, 2023 | A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function. Note: This is disputed as a bug and not a vulnerability. SciPy is not designed to be exposed to untrusted users or data directly. | ||
| CVE-2013-4251 | — | < 0.12.1 | 0.12.1 | Nov 4, 2019 | The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. |
- CVE-2023-29824Jul 6, 2023affected < 1.8.0fixed 1.8.0
A use-after-free issue was discovered in Py_FindObjects() function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue.
- CVE-2023-25399Jul 5, 2023affected < 1.10.0fixed 1.10.0
A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function. Note: This is disputed as a bug and not a vulnerability. SciPy is not designed to be exposed to untrusted users or data directly.
- CVE-2013-4251Nov 4, 2019affected < 0.12.1fixed 0.12.1
The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories.