ALT-PU-2022-4083-1
Package python3-module-numpy updated to version 1.22.1-alt3.E2K.1 for branch sisyphus_e2k.
Closed vulnerabilities
Published: 2021-05-12
BDU:2022-06724
Уязвимость функции _convert_from_str() компонента numpy.core модуля NumPy для Python, позволяющая нарушителю инициировать копирование данных
Severity: MEDIUM (5.3)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Severity: MEDIUM (5.0)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
References:
Published: 2021-12-17
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-34141
An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."
Severity: MEDIUM (5.0)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Severity: MEDIUM (5.3)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
References: