EUVD-2023-0234

Malicious code in bioql PyPI...

ROS-20240917-02

A vulnerability in the PyFindObjects function of the PyFindObjects library for the open-source Python programming language scipy is related to memory usage after release. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and...

RHEL 8 : scipy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - scipy: use-after-free in PyFindObjects function CVE-2023-29824 - A refcounting issue which leads to...

RHEL 7 : scipy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - scipy: use-after-free in PyFindObjects function CVE-2023-29824 - A refcounting issue which leads to...

EulerOS 2.0 SP8 : scipy (EulerOS-SA-2023-3158)

According to the versions of the scipy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in PyFindObjects function. CVE-2023-25399 - A...

EulerOS Virtualization 2.9.1 : scipy (EulerOS-SA-2023-3094)

According to the versions of the scipy package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in PyFindObjects function...

EulerOS Virtualization 2.9.0 : scipy (EulerOS-SA-2023-3108)

According to the versions of the scipy package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in PyFindObjects function...

EulerOS Virtualization 2.10.1 : scipy (EulerOS-SA-2023-3511)

According to the versions of the scipy package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in PyFindObjects function...

EulerOS 2.0 SP10 : scipy (EulerOS-SA-2023-3195)

According to the versions of the scipy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in PyFindObjects function. CVE-2023-25399 - A...

EulerOS 2.0 SP9 : scipy (EulerOS-SA-2023-2889)

According to the versions of the scipy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in PyFindObjects function. CVE-2023-25399 - A...

EulerOS 2.0 SP11 : scipy (EulerOS-SA-2023-2870)

According to the versions of the scipy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in PyFindObjects function. CVE-2023-25399 - A...

EulerOS 2.0 SP9 : scipy (EulerOS-SA-2023-2908)

According to the versions of the scipy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in PyFindObjects function. CVE-2023-25399 - A...

Medium: scipy

Issue Overview: A use-after-free issue was discovered in PyFindObjects function in SciPy versions prior to 1.8.0. CVE-2023-29824 Affected Packages: scipy Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

CVE-2023-25399

A flaw was found in SciPy, where it is vulnerable to a denial of service caused by a memory leak flaw in the PyFindObjects function due to a new reference not being decreased. This flaw allows a local attacker to send a specially crafted request, forcing the application to leak memory and perform...

CVE-2023-29824

A flaw was found in SciPy, where it is vulnerable to a denial of service caused by a use-after-free bug in the PyFindObjects function. By sending a specially crafted request, an attacker can cause a denial of service condition...

GHSA-JRFM-2H82-XG28 Withdrawn: Use after free in SciPy

Withdrawn Advisory This advisory has been withdrawn because it has been found to not be an issue. Please see the issue here for more information. Original Description A use-after-free issue was discovered in PyFindObjects function in SciPy versions prior to 1.8.0...

CVE-2023-29824

A use-after-free issue was discovered in PyFindObjects function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue...

PYSEC-2023-114

DISPUTED A use-after-free issue was discovered in PyFindObjects function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue...

Design/Logic Flaw

DISPUTED A use-after-free issue was discovered in PyFindObjects function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue...

CVE-2023-25399

A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in PyFindObjects function. Note: This is disputed as a bug and not a vulnerability. SciPy is not designed to be exposed to untrusted users or data directly...