PT-2019-6939 · Scipy · Scipy

Marcus Meissner

·

Publicado

2013-11-20

·

Atualizado

2022-05-05

·

CVE-2013-4251

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions SciPy versions prior to 0.12.1
Description The issue concerns the creation of insecure temporary directories by the scipy.weave component in SciPy. This could potentially lead to security issues, although specific details about exploitation or affected devices are not provided.
Recommendations For versions prior to 0.12.1, update to version 0.12.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the scipy.weave component until the update is applied.

Correção

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-269

Identificadores relacionados

CVE-2013-4251
DLA-26-1
GHSA-XP76-357G-9WQQ
MGASA-2013-0330
PYSEC-2019-156

Produtos afetados

Scipy