GHSA-f7c7-j99h-c22f
Suggest an improvement- Source
- https://github.com/advisories/GHSA-f7c7-j99h-c22f
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-f7c7-j99h-c22f/GHSA-f7c7-j99h-c22f.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-f7c7-j99h-c22f
- Aliases
- Published
- 2022-02-08T00:00:56Z
- Modified
- 2023-11-08T04:06:59.274139Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Buffer Copy without Checking Size of Input in NumPy
- Details
-
Buffer overflow in the arrayfrompyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values.
- Database specific
{ "nvd_published_at": "2021-12-17T20:15:00Z", "github_reviewed_at": "2022-06-21T20:09:56Z", "severity": "MODERATE", "github_reviewed": true, "cwe_ids": [ "CWE-120" ] }- References
Affected packages
PyPI / numpy
Package
- Name
- numpy
- View open source insights on deps.dev
- Purl
- pkg:pypi/numpy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.19
Affected versions
0.*
0.9.6
0.9.8
1.*
1.0b1
1.0b4
1.0b5
1.0rc1
1.0rc2
1.0rc3
1.0
1.0.3
1.0.4
1.1.1
1.2.0
1.2.1
1.3.0
1.4.0
1.4.1
1.5.0
1.5.1
1.6.0
1.6.1
1.6.2
1.7.0
1.7.1
1.7.2
1.8.0
1.8.1
1.8.2
1.9.0
1.9.1
1.9.2
1.9.3
1.10.0
1.10.1
1.10.2
1.10.3
1.10.4
1.11.0
1.11.1
1.11.2
1.11.3
1.12.0
1.12.1
1.13.0
1.13.1
1.13.3
1.14.0
1.14.1
1.14.2
1.14.3
1.14.4
1.14.5
1.14.6
1.15.0
1.15.1
1.15.2
1.15.3
1.15.4
1.16.0
1.16.1
1.16.2
1.16.3
1.16.4
1.16.5
1.16.6
1.17.0
1.17.1
1.17.2
1.17.3
1.17.4
1.17.5
1.18.0
1.18.1
1.18.2
1.18.3
1.18.4
1.18.5