CVE-2023-25399 – scipy

Package

Manager: pip
Name: scipy
Vulnerable Version: <0

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS v4.0: N/A

EPSS: 0.0016 pctl0.37462

Details

Withdrawn: scipy memory leak vulnerability ## Withdrawn Advisory This advisory has been withdrawn because it has been found to not be an issue. Please see the issue [here](https://github.com/scipy/scipy/issues/16235#issuecomment-1625361328) for more information. ## Original Description A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in `Py_FindObjects()` function.

Metadata

Created: 2023-07-05T18:30:44Z
Modified: 2024-05-14T20:15:44Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/07/GHSA-9jx5-6pgf-crrp/GHSA-9jx5-6pgf-crrp.json
CWE IDs: ["CWE-400"]
Alternative ID: GHSA-9jx5-6pgf-crrp
Finding: N/A
Auto approve: 0