CVE-2014-1858

Improper Input Validation in pypi/numpy

Identifiers

GHSA-cw6w-4rcx-xphc, CVE-2014-1858

Package Slug

pypi/numpy

Vulnerability

Improper Input Validation

Description

init.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file.

Affected Versions

All versions before 1.8.1

Solution

Upgrade to version 1.8.1 or above.

Last Modified

2022-06-19

source