An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."
References
Link | Resource |
---|---|
https://github.com/numpy/numpy/issues/18993 | Exploit Issue Tracking Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpujul2022.html | Patch Third Party Advisory |
Configurations
History
No history.
Information
Published : 2021-12-17 19:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-34141
Mitre link : CVE-2021-34141
CVE.ORG link : CVE-2021-34141
JSON object : View
Products Affected
numpy
- numpy
oracle
- communications_cloud_native_core_policy
CWE
CWE-697
Incorrect Comparison