CVE-2023-25399: Uncontrolled Resource Consumption

July 5, 2023 (updated August 24, 2023)

A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function.

References

www.square16.org/achievement/cve-2023-25399/
github.com/scipy/scipy/issues/16235
github.com/scipy/scipy/pull/16397
nvd.nist.gov/vuln/detail/CVE-2023-25399

Detect and mitigate CVE-2023-25399 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →