CVE-2023-25399

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions scipy (affected versions not specified)

Description A refcounting issue which leads to potential memory leak was discovered in the Py FindObjects() function. This issue may allow an attacker to cause a denial of service. Note that this is disputed as a bug and not a vulnerability, and SciPy is not designed to be exposed to untrusted users or data directly.

Recommendations At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Memory Leak

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-400

Related Identifiers

ALT-PU-2023-8424

ALT-PU-2024-16624

ALT-PU-2024-9087

BDU:2024-07433

CVE-2023-25399

GHSA-9JX5-6PGF-CRRP

MGASA-2024-0078

OESA-2023-1491

OPENSUSE-SU-2023_2970-1

PYSEC-2023-102

SUSE-SU-2023:2970-1

SUSE-SU-2023:3272-1

SUSE-SU-2023_3272-1

USN-6226-1

Affected Products

Alt Linux

Debian

Linuxmint

Red Os

Suse

Ubuntu

Scipy

CVE-2023-25399

Weakness Enumeration

Related Identifiers

Affected Products

References · 37