VDB
DEBIAN-CVE-2021-41496
DEBIAN-CVE-2021-41496
PUBLISHED
CVSS 5.5 MEDIUM
Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimensions can only be created by an already privileged user (or internally)
Risk Scores
CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | numpy | 1:1.26.4+ds-1, 1:1.26.3-2, 1:1.26.4+ds-10 |
| Debian:14 | numpy | 2.3.3+ds, 2.3.3+ds, 2.3.3+ds |
| Debian:11 | numpy | *, *, * |
| Debian:13 | numpy | 0, 2.2.4+ds, 2.2.4+ds |
Timeline
- Dec 17, 2021 CVE Published
- Apr 28, 2026 CVE Updated