525 matches found
Malicious code in numpy-selenium (PyPI)
Source: ossf-package-analysis (dc92a371c845859241fd20b897b00c4b6c39fcc8ec83dfe9fbb0146c36d267c5) The OpenSSF Package Analysis project identified 'numpy-selenium' @ 5.20.19 (pypi) as malicious. It is considered malicious because: - The package...
MAL-2023-1385 Malicious code in pandas-numpy (PyPI)
Source: ossf-package-analysis (ad64cd7fe8db5e273a5e994ca67fcc44546298765caf11ec2edcd0d587481434) The OpenSSF Package Analysis project identified 'pandas-numpy' @ 8.19.3 (pypi) as malicious. It is considered malicious because: - The package...
Malicious code in pandas-numpy (PyPI)
Source: ossf-package-analysis (ad64cd7fe8db5e273a5e994ca67fcc44546298765caf11ec2edcd0d587481434) The OpenSSF Package Analysis project identified 'pandas-numpy' @ 8.19.3 (pypi) as malicious. It is considered malicious because: - The package...
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...
Huawei EulerOS: Security Advisory for numpy (EulerOS-SA-2023-1720)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
EulerOS Virtualization 3.0.2.0 : numpy (EulerOS-SA-2023-1720)
According to the versions of the numpy packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Null Pointer Dereference vulnerability exists in numpy.sort in NumPy and 1.19 in the PyArray_DescrNew function due to missing...
Security Bulletin: IBM InfoSphere Information Server is affected but not classified as vulnerable to a denial of service vulnerability in NumPy (CVE-2021-34141)
Summary A denial of service vulnerability in NumPy used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2021-34141 DESCRIPTION: NumPy is vulnerable to a denial of service, caused by incomplete string comparison in the numpy.core component. By sending a...
CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41884)
The version of tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41884 advisory. - TensorFlow is an open source platform for machine learning. If a numpy array is created with a shape suc...
SUSE CVE-2017-12852
The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack...
SUSE CVE-2019-6446
An issue was discovered in NumPy before 1.16.3. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have...
SUSE CVE-2021-34141
An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."...
SUSE CVE-2021-41495
Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that validation is missing, an error ca...
SUSE CVE-2021-41496
Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy 1.19, which allows attackers to conduct Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimensions can only be...
Huawei EulerOS: Security Advisory for numpy (EulerOS-SA-2023-1279)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
EulerOS Virtualization 3.0.2.2 : numpy (EulerOS-SA-2023-1279)
According to the versions of the numpy packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Null Pointer Dereference vulnerability exists in numpy.sort in NumPy and 1.19 in the PyArray_DescrNew function due to missing...
EulerOS Virtualization 2.9.1 : numpy (EulerOS-SA-2022-1610)
According to the versions of the numpy package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - DISPUTED Null Pointer Dereference vulnerability exists in numpy.sort in NumPy and 1.19 in the PyArray_DescrNew function due to missi...
RHEL 8 : Red Hat OpenStack Platform 16.1.9 (numpy) (RHSA-2022:8861)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8861 advisory. A fast multidimensional array facility for Python Security Fixes: NULL pointer dereference in numpy.sort in the PyArray_DescrNew due to missing...
RHEL 8 : Red Hat OpenStack Platform 16.2.4 (numpy) (RHSA-2022:8852)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8852 advisory. A fast multidimensional array facility for Python Security Fixes: NULL pointer dereference in numpy.sort in the PyArray_DescrNew due to missing...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in NumPy. (CVE-2021-33430).
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in NumPy (CVE-2021-33430). This appears in the Python code used by some of our service components. Please read the details for remediation below. Vulnerability Details CVEID: CVE-2021-33430...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service, caused by incomplete string comparison in NumPy (CVE-2021-34141)
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service, caused by incomplete string comparison in the numpy.core component (CVE-2021-34141). NumPy is used as part of our speech runtime component. Please read the details for remediation below...