GHSA-9jx5-6pgf-crrp

Опубликовано: 05 июл. 2023

Источник: github

Github: Прошло ревью

CVSS3: 5.5

Описание

Withdrawn: scipy memory leak vulnerability

Withdrawn Advisory

This advisory has been withdrawn because it has been found to not be an issue. Please see the issue here for more information.

Original Description

A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function.

Ссылки

Пакеты

Наименование

scipy

pip

Затронутые версииВерсия исправления

< 1.10.0

1.10.0

EPSS

Процентиль: 34%

0.00135

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2023-25399

Дефекты

CWE-400

Связанные уязвимости

CVE-2023-25399

CVSS3: 5.5

ubuntu

почти 2 года назад

** DISPUTED ** A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function. Note: This is disputed as a bug and not a vulnerability. SciPy is not designed to be exposed to untrusted users or data directly.

CVE-2023-25399

CVSS3: 5.5

redhat

почти 2 года назад

A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function. Note: This is disputed as a bug and not a vulnerability. SciPy is not designed to be exposed to untrusted users or data directly.

CVE-2023-25399

CVSS3: 5.5

nvd

почти 2 года назад

CVE-2023-25399

CVSS3: 5.5

debian

почти 2 года назад

A refcounting issue which leads to potential memory leak was discovere ...

BDU:2024-07433

CVSS3: 5.5

fstec

почти 2 года назад

Уязвимость функции Py_FindObjects() библиотеки для языка программирования Python с открытым исходным кодом scipy, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 34%

0.00135

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2023-25399

Дефекты

CWE-400