CVE-2023-25399

medium

Description

A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function. Note: This is disputed as a bug and not a vulnerability. SciPy is not designed to be exposed to untrusted users or data directly.

References

https://github.com/scipy/scipy/pull/16397

https://github.com/scipy/scipy/issues/16235#issuecomment-1625361328

https://github.com/scipy/scipy/issues/16235

http://www.square16.org/achievement/cve-2023-25399/

Details

Source: Mitre, NVD

Published: 2023-07-05

Updated: 2024-08-02

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium