Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/numpy@1.9.2
Typepypi
Namespace
Namenumpy
Version1.9.2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.22.0
Latest_non_vulnerable_version1.22.0
Affected_by_vulnerabilities
0
url VCID-86w7-qcmk-xyca
vulnerability_id VCID-86w7-qcmk-xyca
summary Null Pointer Dereference vulnerability exists in numpy.sort in NumPy &lt and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41495.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41495.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41495
reference_id
reference_type
scores
0
value 0.00107
scoring_system epss
scoring_elements 0.28608
published_at 2026-06-05T12:55:00Z
1
value 0.00107
scoring_system epss
scoring_elements 0.28535
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41495
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41495
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41495
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-5545-2q6w-2gh6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5545-2q6w-2gh6
5
reference_url https://github.com/numpy/numpy
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy
6
reference_url https://github.com/numpy/numpy/issues/19038
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy/issues/19038
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2021-856.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2021-856.yaml
8
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2035037
reference_id 2035037
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2035037
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41495
reference_id CVE-2021-41495
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41495
11
reference_url https://access.redhat.com/errata/RHSA-2022:8852
reference_id RHSA-2022:8852
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8852
12
reference_url https://access.redhat.com/errata/RHSA-2022:8861
reference_id RHSA-2022:8861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8861
13
reference_url https://usn.ubuntu.com/5763-1/
reference_id USN-5763-1
reference_type
scores
url https://usn.ubuntu.com/5763-1/
fixed_packages
0
url pkg:pypi/numpy@1.19
purl pkg:pypi/numpy@1.19
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.19
1
url pkg:pypi/numpy@1.19.0
purl pkg:pypi/numpy@1.19.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-86w7-qcmk-xyca
1
vulnerability VCID-s2ft-3gq2-tfgv
2
vulnerability VCID-trpn-8hvc-5qd8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.19.0
2
url pkg:pypi/numpy@1.19.1
purl pkg:pypi/numpy@1.19.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s2ft-3gq2-tfgv
1
vulnerability VCID-trpn-8hvc-5qd8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.19.1
aliases CVE-2021-41495, GHSA-5545-2q6w-2gh6, PYSEC-2021-856
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-86w7-qcmk-xyca
1
url VCID-d4gz-n249-4ucx
vulnerability_id VCID-d4gz-n249-4ucx
summary The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12852.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12852.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12852
reference_id
reference_type
scores
0
value 0.00808
scoring_system epss
scoring_elements 0.74578
published_at 2026-06-05T12:55:00Z
1
value 0.00808
scoring_system epss
scoring_elements 0.74547
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12852
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:N/A:C
1
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/advisories/GHSA-frgw-fgh6-9g52
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-frgw-fgh6-9g52
4
reference_url https://github.com/BT123/testcasesForMyRequest/tree/master/CVE-2017-12852
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/BT123/testcasesForMyRequest/tree/master/CVE-2017-12852
5
reference_url https://github.com/numpy/numpy
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy
6
reference_url https://github.com/numpy/numpy/issues/9560#issuecomment-322395292
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy/issues/9560#issuecomment-322395292
7
reference_url https://github.com/numpy/numpy/releases/tag/v1.13.3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy/releases/tag/v1.13.3
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2017-1.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2017-1.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1483686
reference_id 1483686
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1483686
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12852
reference_id CVE-2017-12852
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12852
fixed_packages
0
url pkg:pypi/numpy@1.13.3
purl pkg:pypi/numpy@1.13.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-86w7-qcmk-xyca
1
vulnerability VCID-ms8d-nk6m-hfa9
2
vulnerability VCID-s2ft-3gq2-tfgv
3
vulnerability VCID-trpn-8hvc-5qd8
4
vulnerability VCID-vx94-afb7-ybdw
5
vulnerability VCID-xmpe-ucks-uubr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.13.3
aliases CVE-2017-12852, GHSA-frgw-fgh6-9g52, PYSEC-2017-1
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4gz-n249-4ucx
2
url VCID-ms8d-nk6m-hfa9
vulnerability_id VCID-ms8d-nk6m-hfa9
summary ** DISPUTED ** An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have legitimate applications in (for example) loading serialized Python object arrays from trusted and authenticated sources.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00091.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00091.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00092.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00092.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00015.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00015.html
3
reference_url https://access.redhat.com/errata/RHSA-2019:3335
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3335
4
reference_url https://access.redhat.com/errata/RHSA-2019:3704
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3704
5
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1122208
reference_id
reference_type
scores
url https://bugzilla.suse.com/show_bug.cgi?id=1122208
6
reference_url https://github.com/numpy/numpy/issues/12759
reference_id
reference_type
scores
url https://github.com/numpy/numpy/issues/12759
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4/
8
reference_url http://www.securityfocus.com/bid/106670
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106670
fixed_packages
0
url pkg:pypi/numpy@1.16.1
purl pkg:pypi/numpy@1.16.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-86w7-qcmk-xyca
1
vulnerability VCID-s2ft-3gq2-tfgv
2
vulnerability VCID-trpn-8hvc-5qd8
3
vulnerability VCID-xmpe-ucks-uubr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.16.1
aliases PYSEC-2019-38
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ms8d-nk6m-hfa9
3
url VCID-s2ft-3gq2-tfgv
vulnerability_id VCID-s2ft-3gq2-tfgv
summary A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33430.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33430.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33430
reference_id
reference_type
scores
0
value 0.00173
scoring_system epss
scoring_elements 0.38536
published_at 2026-06-05T12:55:00Z
1
value 0.00173
scoring_system epss
scoring_elements 0.38447
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33430
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33430
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33430
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-6p56-wp2h-9hxr
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6p56-wp2h-9hxr
5
reference_url https://github.com/numpy/numpy
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy
6
reference_url https://github.com/numpy/numpy/commit/ae317fd9ff3e79c0eac357d723bfc29cbd625f2e
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy/commit/ae317fd9ff3e79c0eac357d723bfc29cbd625f2e
7
reference_url https://github.com/numpy/numpy/issues/18939
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T14:32:49Z/
url https://github.com/numpy/numpy/issues/18939
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2021-854.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2021-854.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2035034
reference_id 2035034
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2035034
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33430
reference_id CVE-2021-33430
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33430
11
reference_url https://access.redhat.com/errata/RHSA-2022:0987
reference_id RHSA-2022:0987
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0987
12
reference_url https://access.redhat.com/errata/RHSA-2022:1000
reference_id RHSA-2022:1000
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1000
13
reference_url https://usn.ubuntu.com/5763-1/
reference_id USN-5763-1
reference_type
scores
url https://usn.ubuntu.com/5763-1/
fixed_packages
0
url pkg:pypi/numpy@1.10.0
purl pkg:pypi/numpy@1.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-86w7-qcmk-xyca
1
vulnerability VCID-d4gz-n249-4ucx
2
vulnerability VCID-ms8d-nk6m-hfa9
3
vulnerability VCID-s2ft-3gq2-tfgv
4
vulnerability VCID-trpn-8hvc-5qd8
5
vulnerability VCID-vx94-afb7-ybdw
6
vulnerability VCID-xmpe-ucks-uubr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.10.0
1
url pkg:pypi/numpy@1.21
purl pkg:pypi/numpy@1.21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.21
2
url pkg:pypi/numpy@1.21.0
purl pkg:pypi/numpy@1.21.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-trpn-8hvc-5qd8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.21.0
aliases CVE-2021-33430, GHSA-6p56-wp2h-9hxr, PYSEC-2021-854
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s2ft-3gq2-tfgv
4
url VCID-trpn-8hvc-5qd8
vulnerability_id VCID-trpn-8hvc-5qd8
summary Incomplete string comparison in the numpy.core component in NumPy1.9.x, which allows attackers to fail the APIs via constructing specific string objects.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34141.json
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34141.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-34141
reference_id
reference_type
scores
0
value 0.00064
scoring_system epss
scoring_elements 0.20298
published_at 2026-06-05T12:55:00Z
1
value 0.00064
scoring_system epss
scoring_elements 0.20223
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-34141
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34141
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34141
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-fpfv-jqm9-f5jm
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-fpfv-jqm9-f5jm
5
reference_url https://github.com/numpy/numpy
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy
6
reference_url https://github.com/numpy/numpy/issues/18993
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy/issues/18993
7
reference_url https://github.com/numpy/numpy/issues/18993#issuecomment-1010735102
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy/issues/18993#issuecomment-1010735102
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2021-855.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2021-855.yaml
9
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2035032
reference_id 2035032
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2035032
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-34141
reference_id CVE-2021-34141
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-34141
12
reference_url https://usn.ubuntu.com/5763-1/
reference_id USN-5763-1
reference_type
scores
url https://usn.ubuntu.com/5763-1/
fixed_packages
0
url pkg:pypi/numpy@1.10.0
purl pkg:pypi/numpy@1.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-86w7-qcmk-xyca
1
vulnerability VCID-d4gz-n249-4ucx
2
vulnerability VCID-ms8d-nk6m-hfa9
3
vulnerability VCID-s2ft-3gq2-tfgv
4
vulnerability VCID-trpn-8hvc-5qd8
5
vulnerability VCID-vx94-afb7-ybdw
6
vulnerability VCID-xmpe-ucks-uubr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.10.0
1
url pkg:pypi/numpy@1.22.0
purl pkg:pypi/numpy@1.22.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.22.0
2
url pkg:pypi/numpy@1.22
purl pkg:pypi/numpy@1.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.22
aliases CVE-2021-34141, GHSA-fpfv-jqm9-f5jm, PYSEC-2021-855
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-trpn-8hvc-5qd8
5
url VCID-vx94-afb7-ybdw
vulnerability_id VCID-vx94-afb7-ybdw
summary ** DISPUTED ** An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have legitimate applications in (for example) loading serialized Python object arrays from trusted and authenticated sources.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00091.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00091.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00092.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00092.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00015.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00015.html
3
reference_url https://access.redhat.com/errata/RHSA-2019:3335
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3335
4
reference_url https://access.redhat.com/errata/RHSA-2019:3704
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3704
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6446.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6446.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6446
reference_id
reference_type
scores
0
value 0.71492
scoring_system epss
scoring_elements 0.98745
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6446
7
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1122208
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.suse.com/show_bug.cgi?id=1122208
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/numpy/numpy
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy
10
reference_url https://github.com/numpy/numpy/issues/12759
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy/issues/12759
11
reference_url https://github.com/numpy/numpy/pull/12889
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy/pull/12889
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2019-108.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2019-108.yaml
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4/
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-6446
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-6446
17
reference_url https://web.archive.org/web/20210124234613/https://www.securityfocus.com/bid/106670
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124234613/https://www.securityfocus.com/bid/106670
18
reference_url http://www.securityfocus.com/bid/106670
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106670
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1667950
reference_id 1667950
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1667950
20
reference_url https://github.com/advisories/GHSA-9fq2-x9r6-wfmf
reference_id GHSA-9fq2-x9r6-wfmf
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9fq2-x9r6-wfmf
fixed_packages
0
url pkg:pypi/numpy@1.16.1
purl pkg:pypi/numpy@1.16.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-86w7-qcmk-xyca
1
vulnerability VCID-s2ft-3gq2-tfgv
2
vulnerability VCID-trpn-8hvc-5qd8
3
vulnerability VCID-xmpe-ucks-uubr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.16.1
aliases CVE-2019-6446, GHSA-9fq2-x9r6-wfmf, PYSEC-2019-108
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vx94-afb7-ybdw
6
url VCID-xmpe-ucks-uubr
vulnerability_id VCID-xmpe-ucks-uubr
summary Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41496.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41496.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41496
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.11339
published_at 2026-06-05T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.11251
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41496
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41496
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41496
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-f7c7-j99h-c22f
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f7c7-j99h-c22f
5
reference_url https://github.com/numpy/numpy
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy
6
reference_url https://github.com/numpy/numpy/issues/19000
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/numpy/numpy/issues/19000
7
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2035040
reference_id 2035040
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2035040
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41496
reference_id CVE-2021-41496
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41496
10
reference_url https://access.redhat.com/errata/RHSA-2022:0987
reference_id RHSA-2022:0987
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0987
11
reference_url https://access.redhat.com/errata/RHSA-2022:1000
reference_id RHSA-2022:1000
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1000
12
reference_url https://usn.ubuntu.com/5763-1/
reference_id USN-5763-1
reference_type
scores
url https://usn.ubuntu.com/5763-1/
fixed_packages
0
url pkg:pypi/numpy@1.19
purl pkg:pypi/numpy@1.19
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.19
1
url pkg:pypi/numpy@1.19.0
purl pkg:pypi/numpy@1.19.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-86w7-qcmk-xyca
1
vulnerability VCID-s2ft-3gq2-tfgv
2
vulnerability VCID-trpn-8hvc-5qd8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.19.0
aliases CVE-2021-41496, GHSA-f7c7-j99h-c22f, PYSEC-2021-857
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xmpe-ucks-uubr
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.9.2