Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/35308?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35308?format=api", "vulnerability_id": "VCID-vx94-afb7-ybdw", "summary": "** DISPUTED ** An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have legitimate applications in (for example) loading serialized Python object arrays from trusted and authenticated sources.", "aliases": [ { "alias": "CVE-2019-6446" }, { "alias": "GHSA-9fq2-x9r6-wfmf" }, { "alias": "PYSEC-2019-108" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/12743?format=api", "purl": "pkg:pypi/numpy@1.16.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.16.1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/10101?format=api", "purl": "pkg:pypi/numpy@0.9.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@0.9.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/10102?format=api", "purl": "pkg:pypi/numpy@0.9.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@0.9.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/10103?format=api", "purl": "pkg:pypi/numpy@1.0b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.0b1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10104?format=api", "purl": "pkg:pypi/numpy@1.0b4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.0b4" }, { "url": "http://public2.vulnerablecode.io/api/packages/10105?format=api", "purl": "pkg:pypi/numpy@1.0b5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.0b5" }, { "url": "http://public2.vulnerablecode.io/api/packages/10106?format=api", "purl": "pkg:pypi/numpy@1.0rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.0rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10107?format=api", "purl": "pkg:pypi/numpy@1.0rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.0rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/10108?format=api", "purl": "pkg:pypi/numpy@1.0rc3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.0rc3" }, { "url": "http://public2.vulnerablecode.io/api/packages/10109?format=api", "purl": "pkg:pypi/numpy@1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10110?format=api", "purl": "pkg:pypi/numpy@1.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/10111?format=api", "purl": "pkg:pypi/numpy@1.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/10112?format=api", "purl": "pkg:pypi/numpy@1.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10113?format=api", "purl": "pkg:pypi/numpy@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10114?format=api", "purl": "pkg:pypi/numpy@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10115?format=api", "purl": "pkg:pypi/numpy@1.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10116?format=api", "purl": "pkg:pypi/numpy@1.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10117?format=api", "purl": "pkg:pypi/numpy@1.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10118?format=api", "purl": "pkg:pypi/numpy@1.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10119?format=api", "purl": "pkg:pypi/numpy@1.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10120?format=api", "purl": "pkg:pypi/numpy@1.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10121?format=api", "purl": "pkg:pypi/numpy@1.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10122?format=api", "purl": "pkg:pypi/numpy@1.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.6.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/10123?format=api", "purl": "pkg:pypi/numpy@1.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10124?format=api", "purl": "pkg:pypi/numpy@1.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.7.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10125?format=api", "purl": "pkg:pypi/numpy@1.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.7.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/10126?format=api", "purl": "pkg:pypi/numpy@1.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-hgxa-jmn2-7udg" }, { "vulnerability": "VCID-tefk-aqbz-z3gh" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10127?format=api", "purl": "pkg:pypi/numpy@1.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10128?format=api", "purl": "pkg:pypi/numpy@1.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/10129?format=api", "purl": "pkg:pypi/numpy@1.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-s2ft-3gq2-tfgv" }, { "vulnerability": "VCID-trpn-8hvc-5qd8" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10130?format=api", "purl": "pkg:pypi/numpy@1.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-s2ft-3gq2-tfgv" }, { "vulnerability": "VCID-trpn-8hvc-5qd8" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10131?format=api", "purl": "pkg:pypi/numpy@1.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-s2ft-3gq2-tfgv" }, { "vulnerability": "VCID-trpn-8hvc-5qd8" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.9.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/10132?format=api", "purl": "pkg:pypi/numpy@1.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-s2ft-3gq2-tfgv" }, { "vulnerability": "VCID-trpn-8hvc-5qd8" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/10133?format=api", "purl": "pkg:pypi/numpy@1.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10134?format=api", "purl": "pkg:pypi/numpy@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.10.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10135?format=api", "purl": "pkg:pypi/numpy@1.10.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.10.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/10136?format=api", "purl": "pkg:pypi/numpy@1.10.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.10.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/10137?format=api", "purl": "pkg:pypi/numpy@1.10.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.10.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/10138?format=api", "purl": "pkg:pypi/numpy@1.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10139?format=api", "purl": "pkg:pypi/numpy@1.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10140?format=api", "purl": "pkg:pypi/numpy@1.11.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.11.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/10141?format=api", "purl": "pkg:pypi/numpy@1.11.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.11.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/10142?format=api", "purl": "pkg:pypi/numpy@1.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10143?format=api", "purl": "pkg:pypi/numpy@1.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10144?format=api", "purl": "pkg:pypi/numpy@1.13.0rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.13.0rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10145?format=api", "purl": "pkg:pypi/numpy@1.13.0rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.13.0rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/10146?format=api", "purl": "pkg:pypi/numpy@1.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10147?format=api", "purl": "pkg:pypi/numpy@1.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-d4gz-n249-4ucx" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.13.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10148?format=api", "purl": "pkg:pypi/numpy@1.13.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.13.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/12725?format=api", "purl": "pkg:pypi/numpy@1.14.0rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.14.0rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12726?format=api", "purl": "pkg:pypi/numpy@1.14.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.14.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/12727?format=api", "purl": "pkg:pypi/numpy@1.14.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.14.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12728?format=api", "purl": "pkg:pypi/numpy@1.14.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.14.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12729?format=api", "purl": "pkg:pypi/numpy@1.14.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.14.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/12730?format=api", "purl": "pkg:pypi/numpy@1.14.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.14.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/12731?format=api", "purl": "pkg:pypi/numpy@1.14.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.14.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/12732?format=api", "purl": "pkg:pypi/numpy@1.14.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.14.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/12733?format=api", "purl": "pkg:pypi/numpy@1.15.0rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.15.0rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12734?format=api", "purl": "pkg:pypi/numpy@1.15.0rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.15.0rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12735?format=api", "purl": "pkg:pypi/numpy@1.15.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.15.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/12736?format=api", "purl": "pkg:pypi/numpy@1.15.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.15.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12737?format=api", "purl": "pkg:pypi/numpy@1.15.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.15.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12738?format=api", "purl": "pkg:pypi/numpy@1.15.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.15.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/12739?format=api", "purl": "pkg:pypi/numpy@1.15.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.15.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/12740?format=api", "purl": "pkg:pypi/numpy@1.16.0rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.16.0rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12741?format=api", "purl": "pkg:pypi/numpy@1.16.0rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.16.0rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12742?format=api", "purl": "pkg:pypi/numpy@1.16.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86w7-qcmk-xyca" }, { "vulnerability": "VCID-vx94-afb7-ybdw" }, { "vulnerability": "VCID-xmpe-ucks-uubr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/numpy@1.16.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/145967?format=api", "purl": "pkg:rpm/redhat/numpy@1:1.14.3-9?arch=el8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-vx94-afb7-ybdw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/numpy@1:1.14.3-9%3Farch=el8" } ], "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00091.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00092.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00092.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00015.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00015.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3335", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3704", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3704" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6446.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6446.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6446", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.71492", "scoring_system": "epss", "scoring_elements": "0.98745", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6446" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1122208", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1122208" }, { "reference_url": "https://github.com/numpy/numpy", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/numpy/numpy" }, { "reference_url": "https://github.com/numpy/numpy/issues/12759", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/numpy/numpy/issues/12759" }, { "reference_url": "https://github.com/numpy/numpy/pull/12889", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/numpy/numpy/pull/12889" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2019-108.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2019-108.yaml" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZZAYIQNUUYXGMKHSPEEXS4TRYFOUYE4/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6446", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6446" }, { "reference_url": "https://web.archive.org/web/20210124234613/https://www.securityfocus.com/bid/106670", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124234613/https://www.securityfocus.com/bid/106670" }, { "reference_url": "http://www.securityfocus.com/bid/106670", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667950", "reference_id": "1667950", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667950" } ], "weaknesses": [ { "cwe_id": 358, "name": "Improperly Implemented Security Check for Standard", "description": "The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique." }, { "cwe_id": 20, "name": "Improper Input Validation", "description": "The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly." }, { "cwe_id": 502, "name": "Deserialization of Untrusted Data", "description": "The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid." } ], "exploits": [], "severity_range_score": "8.8 - 10.0", "exploitability": "0.5", "weighted_severity": "9.0", "risk_score": 4.5, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vx94-afb7-ybdw" }