ALT-PU-2024-9087-5
Package python3-module-scipy updated to version 1.6.1-alt3.p10.1 for branch p10 in task 350714.
Closed vulnerabilities
Published: 2023-07-05
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2023-25399
A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function. Note: This is disputed as a bug and not a vulnerability. SciPy is not designed to be exposed to untrusted users or data directly.
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
- http://www.square16.org/achievement/cve-2023-25399/
- http://www.square16.org/achievement/cve-2023-25399/
- https://github.com/scipy/scipy/issues/16235
- https://github.com/scipy/scipy/issues/16235
- https://github.com/scipy/scipy/issues/16235#issuecomment-1625361328
- https://github.com/scipy/scipy/issues/16235#issuecomment-1625361328
- https://github.com/scipy/scipy/pull/16397
- https://github.com/scipy/scipy/pull/16397
Published: 2023-07-07
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2023-29824
A use-after-free issue was discovered in Py_FindObjects() function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue.
Severity: CRITICAL (9.8)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- http://www.square16.org/achievement/cve-2023-29824/
- https://github.com/scipy/scipy/issues/14713
- https://github.com/scipy/scipy/issues/14713#issuecomment-1629468565
- https://github.com/scipy/scipy/pull/15013
- http://www.square16.org/achievement/cve-2023-29824/
- https://github.com/scipy/scipy/pull/15013
- https://github.com/scipy/scipy/issues/14713#issuecomment-1629468565
- https://github.com/scipy/scipy/issues/14713