VDB
CVE-2019-6446
CVE-2019-6446
PUBLISHED
CVSS 9.800000190734863 CRITICAL
Numpy Deserialization of Untrusted Data
EPSS 71.49% · 98.7th percentile
Risk Scores
CVSS v3.0
9.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
71.49%
98.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| fedoraproject | fedora | 30 |
| n/a | n/a | n/a |
| numpy | numpy | 0 |
| PyPI | numpy | 0 |
Exploit Intelligence
- Numpy deserialization command execution (github-poc)
- Numpy deserialization command execution (github-poc)
- Numpy deserialization command execution (github-poc)
- Numpy deserialization command execution (github-poc)
- Numpy deserialization command execution (github-poc)
- Numpy deserialization command execution (github-poc)
- Numpy deserialization command execution (github-poc)
- Numpy deserialization command execution (github-poc)
- Numpy deserialization command execution (github-poc)
- https://github.com/numpy/numpy/issues/12759 (nist-nvd)
…and 12 more exploits
Timeline
- Jan 16, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- May 13, 2023 EPSS Score
- Sep 15, 2023 EPSS Score
- Nov 8, 2023 EPSS Score
References
- https://bugzilla.suse.com/show_bug.cgi?id=1122208 url
- 106670 vdb
- https://github.com/numpy/numpy/issues/12759 url
- FEDORA-2019-1dfe95a864 vendor-advisory
- openSUSE-SU-2019:2227 vendor-advisory
- openSUSE-SU-2019:2225 vendor-advisory
- openSUSE-SU-2019:2259 vendor-advisory
- RHSA-2019:3335 vendor-advisory
- RHSA-2019:3704 vendor-advisory
- https://github.com/numpy/numpy/pull/13359 url
- https://github.com/numpy/numpy/pull/12889 url
- https://github.com/numpy/numpy/commit/89b688732b37616c9d26623f81aaee1703c30ffb url
- FEDORA-2019-1dfe95a864 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2019-6446 advisory
- https://github.com/numpy/numpy package
- https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2019-108.yaml url
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4 url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4 url
- https://web.archive.org/web/20210124234613/https://www.securityfocus.com/bid/106670 url