Vulnerabilities > Numpy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-17 | CVE-2021-41495 | NULL Pointer Dereference vulnerability in Numpy 1.0 Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. | 5.3 |
| 2021-12-17 | CVE-2021-41496 | Classic Buffer Overflow vulnerability in Numpy 1.0 Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values. | 5.5 |
| 2021-12-17 | CVE-2021-33430 | Classic Buffer Overflow vulnerability in Numpy A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. | 5.3 |
| 2021-12-17 | CVE-2021-34141 | Incorrect Comparison vulnerability in multiple products An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. | 5.3 |
| 2019-01-16 | CVE-2019-6446 | Deserialization of Untrusted Data vulnerability in multiple products An issue was discovered in NumPy 1.16.0 and earlier. | 9.8 |
| 2018-01-08 | CVE-2014-1859 | Link Following vulnerability in multiple products (1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file. | 2.1 |
| 2018-01-08 | CVE-2014-1858 | Improper Input Validation vulnerability in Numpy __init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file. | 2.1 |
| 2017-08-15 | CVE-2017-12852 | Infinite Loop vulnerability in Numpy The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. | 5.0 |