PYSEC-2023-102

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/scipy/PYSEC-2023-102.yaml

Aliases

CVE-2023-25399
GHSA-9jx5-6pgf-crrp

Published

2023-07-05T17:15:00Z

Modified

2023-11-08T04:11:51.742567Z

Summary

[none]

Details

A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function.

References

https://github.com/scipy/scipy/issues/16235
https://github.com/scipy/scipy/pull/16397
http://www.square16.org/achievement/cve-2023-25399/

Affected packages

PyPI / scipy

Package

Name: scipy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

1.10.0

Affected versions

0.*

0.4.4

0.5.2

0.6.0

0.7.0

0.7.2

0.8.0

0.9.0

0.10.0

0.10.1

0.11.0

0.12.0

0.12.1

0.13.0

0.13.1

0.13.2

0.13.3

0.14.0

0.14.1

0.15.0

0.15.1

0.16.0

0.16.1

0.17.0

0.17.1

0.18.0

0.18.1

0.19.0

0.19.1

1.*

1.0.0

1.0.1

1.1.0

1.2.0

1.2.1

1.2.2

1.2.3

1.3.0

1.3.1

1.3.2

1.3.3

1.4.0

1.4.1

1.5.0

1.5.1

1.5.2

1.5.3

1.5.4

1.6.0

1.6.1

1.6.2

1.6.3

1.7.0

1.7.1

1.7.2

1.7.3

1.8.0rc1

1.8.0rc2

1.8.0rc3

1.8.0rc4

1.8.0

1.8.1

1.9.0rc1

1.9.0rc2

1.9.0rc3

1.9.0

1.9.1

1.9.2

1.9.3

1.10.0rc1

1.10.0rc2