VulnerableCode Package Details - pkg:pypi/cvxopt@1.2.6

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/cvxopt@1.2.6

Essentials
History (1)

purl	pkg:pypi/cvxopt@1.2.6

Next non-vulnerable version	1.2.7
Latest non-vulnerable version	1.2.7
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-sgng-sj7m-gub3 Aliases: CVE-2021-41500 GHSA-8rh6-h94m-vj54 PYSEC-2021-870	Incomplete string comparison vulnerability exits in cvxopt.org cvxop <= 1.2.6 in APIs (cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve), which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects.	1.2.7 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:16:14.235319+00:00	Pypa Importer	Affected by	VCID-sgng-sj7m-gub3	https://github.com/pypa/advisory-database/blob/main/vulns/cvxopt/PYSEC-2021-870.yaml	38.6.0