525 matches found
Command Execution Vulnerability in NumPy
The NumPy system is an open source numerical computation extension for Python. NumPy suffers from a command execution vulnerability that can be exploited by an attacker to execute arbitrary commands...
Fedora 30 : 1:numpy (2019-1dfe95a864)
1.16.3, fix for CVE-2019-6446 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...
[SECURITY] Fedora 30 Update: numpy-1.16.3-1.fc30
NumPy is a general-purpose array-processing package designed to efficiently manipulate large multi-dimensional arrays of arbitrary records without sacrificing too much speed for small multi-dimensional arrays. NumPy is built on the Numeric code base and adds features introduced by numarray as wel...
OPENSUSE-SU-2019:0245-1 Security update for python-numpy
This update for python-numpy fixes the following issue: Security issue fixed: - CVE-2019-6446: Set allowpickle to false by default to restrict loading untrusted content bsc1122208. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing...
SUSE-SU-2019:13977-1 Security update for python-numpy
This update for python-numpy fixes the following issues: Security issue fixed: - CVE-2019-6446: Set allowpickle to false by default to restrict loading untrusted content bsc1122208. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing...
openSUSE: Security Advisory for python-numpy (openSUSE-SU-2019:0245-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for python-numpy (important)
openSUSE Security Update: Security update for python-numpy Announcement ID: openSUSE-SU-2019:0245-1 Rating: important References: 1122208 Cross-References: CVE-2019-6446 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for...
openSUSE Security Update : python-numpy (openSUSE-2019-245)
This update for python-numpy fixes the following issue : Security issue fixed : - CVE-2019-6446: Set allowpickle to false by default to restrict loading untrusted content bsc1122208. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing...
SUSE-SU-2019:0448-1 Security update for python-numpy
This update for python-numpy fixes the following issues: Security issue fixed: - CVE-2019-6446: Set allowpickle to false by default to restrict loading untrusted content bsc1122208. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing...
SUSE SLES12 Security Update : python-numpy (SUSE-SU-2019:0448-1)
This update for python-numpy fixes the following issues : Security issue fixed : CVE-2019-6446: Set allowpickle to false by default to restrict loading untrusted content bsc1122208. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing...
SUSE SLED15 / SLES15 Security Update : python-numpy (SUSE-SU-2019:0418-1)
This update for python-numpy fixes the following issue : Security issue fixed : CVE-2019-6446: Set allowpickle to false by default to restrict loading untrusted content bsc1122208. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing...
SUSE SLED12 / SLES12 Security Update : python-numpy (SUSE-SU-2019:0419-1)
This update for python-numpy fixes the following issue : Security issue fixed : CVE-2019-6446: Set allowpickle to false by default to restrict loading untrusted content bsc1122208. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing...
SUSE-SU-2019:0419-1 Security update for python-numpy
This update for python-numpy fixes the following issue: Security issue fixed: - CVE-2019-6446: Set allowpickle to false by default to restrict loading untrusted content bsc1122208. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing...
SUSE-SU-2019:0418-1 Security update for python-numpy
This update for python-numpy fixes the following issue: Security issue fixed: - CVE-2019-6446: Set allowpickle to false by default to restrict loading untrusted content bsc1122208. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing...
SUSE SLES11 Security Update : python-numpy (SUSE-SU-2019:13951-1)
This update for python-numpy fixes the following issues : Security issue fixed : CVE-2019-6446: Set allowpickle to false by default to restrict loading untrusted content bsc1122208. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing...
SUSE-SU-2019:13951-1 Security update for python-numpy
This update for python-numpy fixes the following issues: Security issue fixed: - CVE-2019-6446: Set allowpickle to false by default to restrict loading untrusted content bsc1122208. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing...
Arbitrary Code Execution
numpy is vulnerable to code execution. It loads pickle by default np.loadallowpickle=True and uses the module in an unsafe way such that it allows an attacker to execute arbitrary code via a malicious serialized object...
CVE-2019-6446
An issue was discovered in NumPy before 1.16.3. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have...
CVE-2019-6446
An issue was discovered in NumPy before 1.16.3. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have...
Design/Logic Flaw
DISPUTED An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior...