Описание
Incorrect Comparison in NumPy
Incomplete string comparison in the numpy.core component in NumPy1.9.x, which allows attackers to fail the APIs via constructing specific string objects.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-34141
- https://github.com/numpy/numpy/issues/18993
- https://github.com/numpy/numpy/issues/18993#issuecomment-1010735102
- https://github.com/advisories/GHSA-fpfv-jqm9-f5jm
- https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2021-855.yaml
- https://www.oracle.com/security-alerts/cpujul2022.html
Пакеты
numpy
< 1.22
1.22
Связанные уязвимости
An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."
An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."
An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."
An incomplete string comparison in the numpy.core component in NumPy b ...