CVE-2021-34141

Published December 17th, 2021

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

MEDIUM

Affected

PROJECT

Description

An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."

numpy/numpy

The fundamental package for scientific computing with Python.

GitHub

32.3K