Incorrect Comparison
CVE-2021-34141
Summary
An incomplete string comparison in the numpy.core component in NumPy before 1.22.0rc1 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- NONE
- LOW
CWE-697 - Incorrect Comparison
The software compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses.
References
Advisory Timeline
- Published