PYSEC-2021-855

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/numpy/PYSEC-2021-855.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2021-855
Aliases
Published
2021-12-17T19:15:00Z
Modified
2023-11-08T04:06:07.388275Z
Summary
[none]
Details

Incomplete string comparison in the numpy.core component in NumPy1.9.x, which allows attackers to fail the APIs via constructing specific string objects.

References

Affected packages

PyPI / numpy

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
1.9.0
Fixed
1.10.0

Affected versions

1.*

1.9.0
1.9.1
1.9.2
1.9.3