Vendor
Numpy
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- Numpy2 CVEspypi
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12852 | Hig | 0.49 | 7.5 | 0.03 | Aug 15, 2017 | The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack. | ||
| CVE-2019-6446 | 0.00 | — | 0.17 | Jan 16, 2019 | An issue was discovered in NumPy before 1.16.3. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a… |
- risk 0.49cvss 7.5epss 0.03
The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack.
- CVE-2019-6446Jan 16, 2019risk 0.00cvss —epss 0.17
An issue was discovered in NumPy before 1.16.3. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a…