rpm package
suse/python-numpy&distro=SUSE Linux Enterprise Software Development Kit 12 SP5
pkg:rpm/suse/python-numpy&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-41496 | — | < 1.8.0-5.11.1 | 1.8.0-5.11.1 | Dec 17, 2021 | Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimens | ||
| CVE-2021-41495 | — | < 1.8.0-5.14.1 | 1.8.0-5.14.1 | Dec 17, 2021 | Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that validation is mi | ||
| CVE-2021-33430 | — | < 1.8.0-5.11.1 | 1.8.0-5.11.1 | Dec 17, 2021 | A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a v | ||
| CVE-2017-12852 | Hig | 7.5 | < 1.8.0-5.19.1 | 1.8.0-5.19.1 | Aug 15, 2017 | The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack. |
- CVE-2021-41496Dec 17, 2021affected < 1.8.0-5.11.1fixed 1.8.0-5.11.1
Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimens
- CVE-2021-41495Dec 17, 2021affected < 1.8.0-5.14.1fixed 1.8.0-5.14.1
Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that validation is mi
- CVE-2021-33430Dec 17, 2021affected < 1.8.0-5.11.1fixed 1.8.0-5.11.1
A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a v
- affected < 1.8.0-5.19.1fixed 1.8.0-5.19.1
The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack.