0.001 Low
EPSS
Percentile
37.9%
numpy is vulnerable to denial of service. The vulnerability exists due to the insecure string comparison in _convert_from_str of descriptor.c, allowing an attacker to crash the application.
_convert_from_str
descriptor.c
github.com/numpy/numpy/commit/eeef9d4646103c3b1afd3085f1393f2b3f9575b2
github.com/numpy/numpy/issues/18993
www.oracle.com/security-alerts/cpujul2022.html