CVE-2013-4251

NameCVE-2013-4251
DescriptionThe scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-26-1
NVD severitymedium
Debian Bugs726093

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
python-scipy (PTS)jessie0.14.0-2fixed
stretch0.18.1-2fixed
buster1.1.0-7fixed
bullseye1.2.2-8fixed
sid1.2.2-11fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
python-scipysource(unstable)0.12.0-3726093
python-scipysourcesqueeze0.7.2+dfsg1-1+deb6u1

Notes

[wheezy] - python-scipy <no-dsa> (Minor issue)
https://github.com/scipy/scipy/commit/bd296e0336420b840fcd2faabb97084fd252a973

Search for package or bug name: Reporting problems