Vulnerabilities > CVE-2023-29824 - Use After Free vulnerability in Scipy
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A use-after-free issue was discovered in Py_FindObjects() function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- http://www.square16.org/achievement/cve-2023-29824/
- https://github.com/scipy/scipy/issues/14713
- https://github.com/scipy/scipy/issues/14713#issuecomment-1629468565
- https://github.com/scipy/scipy/pull/15013
- http://www.square16.org/achievement/cve-2023-29824/
- https://github.com/scipy/scipy/pull/15013
- https://github.com/scipy/scipy/issues/14713#issuecomment-1629468565
- https://github.com/scipy/scipy/issues/14713