SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-scipy (SUSE-SU-2023:3272-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3272-1 advisory. - A refcounting issue which leads to potential memory leak was discovered in scipy commit...

SUSE-SU-2023:3272-1 Security update for python-scipy

This update for python-scipy fixes the following issues: - CVE-2023-25399: Fixed minor refcounting issue in PyFindObjects bsc1213062. - CVE-2023-29824: Fixed use-after-free in PyFindObjects bsc1213137...

Amazon Linux 2 : scipy (ALAS-2023-2160)

The version of scipy installed on the remote host is prior to 0.12.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2160 advisory. A use-after-free issue was discovered in PyFindObjects function in SciPy versions prior to 1.8.0. CVE-2023-29824 Tenable has extract...

Medium: scipy

Issue Overview: A use-after-free issue was discovered in PyFindObjects function in SciPy versions prior to 1.8.0. CVE-2023-29824 Affected Packages: scipy Issue Correction: Run dnf update scipy --releasever 2023.1.20230725 or dnf update --advisory ALAS2023-2023-268 --releasever 2023.1.20230725 to...

openSUSE 15 Security Update : python-scipy (SUSE-SU-2023:2970-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2970-1 advisory. - A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in PyFindObjects function. CVE-2023-25399 -...

SUSE-SU-2023:2970-1 Security update for python-scipy

This update for python-scipy fixes the following issues: - CVE-2023-25399: Fixed minor refcounting issue in PyFindObjects bsc1213062. - CVE-2023-29824: Fixed use-after-free in PyFindObjects bsc1213137...

Medium: scipy

Issue Overview: A use-after-free issue was discovered in PyFindObjects function in SciPy versions prior to 1.8.0. CVE-2023-29824 Affected Packages: scipy Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

CVE-2023-25399

A flaw was found in SciPy, where it is vulnerable to a denial of service caused by a memory leak flaw in the PyFindObjects function due to a new reference not being decreased. This flaw allows a local attacker to send a specially crafted request, forcing the application to leak memory and perform...

CVE-2023-29824

A flaw was found in SciPy, where it is vulnerable to a denial of service caused by a use-after-free bug in the PyFindObjects function. By sending a specially crafted request, an attacker can cause a denial of service condition...

Ubuntu: Security Advisory (USN-6226-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6226-1 scipy vulnerabilities

It was discovered that SciPy did not properly manage memory operations during reference counting. An attacker could possibly use this issue to cause a denial of service. CVE-2023-25399 A use-after-free was discovered in SciPy when handling reference counts. An attacker could possibly use this to...

USN-6226-1: SciPy vulnerabilities

It was discovered that SciPy did not properly manage memory operations during reference counting. An attacker could possibly use this issue to cause a denial of service. CVE-2023-25399 A use-after-free was discovered in SciPy when handling reference counts. An attacker could possibly use this to...

Ubuntu 20.04 ESM / 22.04 ESM : SciPy vulnerabilities (USN-6226-1)

The remote Ubuntu 20.04 ESM / 22.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6226-1 advisory. It was discovered that SciPy did not properly manage memory operations during reference counting. An attacker could possibly use this issue t...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service due to [CVE-2023-25399]

Summary Python module SciPy is used by IBM App Connect Enterprise Certified Container for mapping assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service. This bulletin provides patch information to...

SUSE CVE-2023-29824

A use-after-free issue was discovered in PyFindObjects function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue...

python38:3.8 and python38-devel:3.8 security update

babel 2.7.0-11 - Fix CVE-2021-20095 Resolves: rhbz1955615 Cython 0.29.14-4 - Exclude unsupported i686 arch modwsgi 4.6.8-4 - Core dumped upon file upload = 1GB Resolves: rhbz2125171 numpy 1.17.3-6 - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz1933055 python38...

SUSE CVE-2023-25399

A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in PyFindObjects function. Note: This is disputed as a bug and not a vulnerability. SciPy is not designed to be exposed to untrusted users or data directly...

GHSA-JRFM-2H82-XG28 Withdrawn: Use after free in SciPy

Withdrawn Advisory This advisory has been withdrawn because it has been found to not be an issue. Please see the issue here for more information. Original Description A use-after-free issue was discovered in PyFindObjects function in SciPy versions prior to 1.8.0...

Withdrawn: Use after free in SciPy

Withdrawn Advisory This advisory has been withdrawn because it has been found to not be an issue. Please see the issue here for more information. Original Description A use-after-free issue was discovered in PyFindObjects function in SciPy versions prior to 1.8.0...

CVE-2023-29824

A use-after-free issue was discovered in PyFindObjects function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue...