CVE-2021-34141
Description
An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is completely harmless.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.064
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-34141 are fixed in Python-numpy 1.22 | Windows |
| scientific computing package with Python (USN-5763-1) python3-numpy_1.17.4-5ubuntu3.1_amd64.deb | Linux |
| scientific computing package with Python (USN-5763-1) python3-numpy_1.21.5-1ubuntu22.04.1_amd64.deb | Linux |
| scientific computing package with Python (USN-5763-1) python3-numpy_1.21.5-1ubuntu22.10.1_amd64.deb | Linux |
| Vulnerabilities CVE-2021-34141 are fixed in Python-numpy for linux 1.22 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234