CVE-2021-41496

Опубликовано: 17 дек. 2021

Источник: ubuntu

Приоритет: medium

CVSS2: 2.1

CVSS3: 5.5

Описание

Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimensions can only be created by an already privileged user (or internally)

Релиз	Статус	Примечание
devel	not-affected	1:1.24.1-2
esm-infra/focal	released	1:1.17.4-5ubuntu3.1
focal	released	1:1.17.4-5ubuntu3.1
hirsute	ignored	end of life
impish	ignored	end of life
jammy	released	1:1.21.5-1ubuntu22.04.1
kinetic	released	1:1.21.5-1ubuntu22.10.1
lunar	not-affected	1:1.24.1-2
trusty	ignored	end of standard support
upstream	released	1.22.0, 1.23.0

Показывать по

Ссылки на источники

2.1 Low

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2021-41496

CVSS3: 5.5

redhat

больше 4 лет назад

CVE-2021-41496

CVSS3: 5.5

nvd

около 4 лет назад

CVE-2021-41496

CVSS3: 5.5

msrc

около 4 лет назад

Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19 which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimensions can only be created by an already privileged user (or internally)

CVE-2021-41496

CVSS3: 5.5

debian

около 4 лет назад

Buffer overflow in the array_from_pyobj function of fortranobject.c in ...

GHSA-f7c7-j99h-c22f

CVSS3: 5.5

github

около 4 лет назад

Buffer Copy without Checking Size of Input in NumPy

2.1 Low

CVSS2

5.5 Medium

CVSS3

CVE-2021-41496

Описание

Пакет numpy

Ссылки на источники

Связанные уязвимости