GHSA-fpfv-jqm9-f5jm
- Source
- https://github.com/advisories/GHSA-fpfv-jqm9-f5jm
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/12/GHSA-fpfv-jqm9-f5jm/GHSA-fpfv-jqm9-f5jm.json
- Aliases
- Published
- 2021-12-18T00:00:41Z
- Modified
- 2023-11-08T04:06:07.388275Z
- Details
-
Incomplete string comparison in the numpy.core component in NumPy1.9.x, which allows attackers to fail the APIs via constructing specific string objects.
- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2021-34141
- https://github.com/numpy/numpy/issues/18993
- https://github.com/numpy/numpy/issues/18993#issuecomment-1010735102
- https://github.com/advisories/GHSA-fpfv-jqm9-f5jm
- https://github.com/numpy/numpy
- https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2021-855.yaml
- https://www.oracle.com/security-alerts/cpujul2022.html
Affected packages
PyPI / numpy
Package
- Name
- numpy
Affected versions
0.*
0.9.6
0.9.8
1.*
1.0b1
1.0b4
1.0b5
1.0rc1
1.0rc2
1.0rc3
1.0
1.0.3
1.0.4
1.1.1
1.2.0
1.2.1
1.3.0
1.4.0
1.4.1
1.5.0
1.5.1
1.6.0
1.6.1
1.6.2
1.7.0
1.7.1
1.7.2
1.8.0
1.8.1
1.8.2
1.9.0
1.9.1
1.9.2
1.9.3
1.10.0
1.10.1
1.10.2
1.10.3
1.10.4
1.11.0
1.11.1
1.11.2
1.11.3
1.12.0
1.12.1
1.13.0
1.13.1
1.13.3
1.14.0
1.14.1
1.14.2
1.14.3
1.14.4
1.14.5
1.14.6
1.15.0
1.15.1
1.15.2
1.15.3
1.15.4
1.16.0
1.16.1
1.16.2
1.16.3
1.16.4
1.16.5
1.16.6
1.17.0
1.17.1
1.17.2
1.17.3
1.17.4
1.17.5
1.18.0
1.18.1
1.18.2
1.18.3
1.18.4
1.18.5
1.19.0
1.19.1
1.19.2
1.19.3
1.19.4
1.19.5
1.20.0
1.20.1
1.20.2
1.20.3
1.21.0
1.21.1
1.21.2
1.21.3
1.21.4
1.21.5
1.21.6