An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."
References
Link | Resource |
---|---|
https://github.com/numpy/numpy/issues/18993 | Exploit Issue Tracking Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpujul2022.html | Patch Third Party Advisory |
https://github.com/numpy/numpy/issues/18993 | Exploit Issue Tracking Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpujul2022.html | Patch Third Party Advisory |
Configurations
History
21 Nov 2024, 06:09
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/numpy/numpy/issues/18993 - Exploit, Issue Tracking, Patch, Third Party Advisory | |
References | () https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory |
Information
Published : 2021-12-17 19:15
Updated : 2024-11-21 06:09
NVD link : CVE-2021-34141
Mitre link : CVE-2021-34141
CVE.ORG link : CVE-2021-34141
JSON object : View
Products Affected
oracle
- communications_cloud_native_core_policy
numpy
- numpy
CWE
CWE-697
Incorrect Comparison