VDB

GCVE-110-MAGEIA-2013-330

GCVE-110-MAGEIA-2013-330
Advisory Published
Vulnetix · Advisory published November 20, 2013
Updated python-scipy package fixes security vulnerability: scipy.weave will use /tmp/[username] as persistent storage (cache), but it does not check whether or not this directory already exists, does not check whether it is a directory or a symlink, and also does not verify permissions or ownership, which could allow someone to place code in this directory that would be executed as the user running scipy.weave (CVE-2013-4251). The update also adds some missing dependencies.

Affected Products

VendorProductVersionsPlatforms
Mageiapython-scipy0 (affected), 0.9.0-3.4.mga2 (unaffected)
Mageiapython-scipy0 (affected), 0.9.0-7.3.mga3 (unaffected)

Browse GCVE Records

72,409 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›