5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
DISPUTED A refcounting issue which leads to potential memory leak was
discovered in scipy commit 8627df31ab in Py_FindObjects() function. Note:
This is disputed as a bug and not a vulnerability. SciPy is not designed to
be exposed to untrusted users or data directly.
www.square16.org/achievement/cve-2023-25399/
github.com/scipy/scipy/issues/16235
github.com/scipy/scipy/pull/16397
launchpad.net/bugs/cve/CVE-2023-25399
nvd.nist.gov/vuln/detail/CVE-2023-25399
security-tracker.debian.org/tracker/CVE-2023-25399
ubuntu.com/security/notices/USN-6226-1
www.cve.org/CVERecord?id=CVE-2023-25399
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%