{"id":"PYSEC-2021-854","details":"A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service.","aliases":["CVE-2021-33430","GHSA-6p56-wp2h-9hxr"],"modified":"2023-11-01T04:55:34.861336Z","published":"2021-12-17T19:15:00Z","references":[{"type":"REPORT","url":"https://github.com/numpy/numpy/issues/18939"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-6p56-wp2h-9hxr"}],"affected":[{"package":{"name":"numpy","ecosystem":"PyPI","purl":"pkg:pypi/numpy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"1.9.0"},{"fixed":"1.10.0"}]}],"versions":["1.9.0","1.9.1","1.9.2","1.9.3"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/numpy/PYSEC-2021-854.yaml"}}],"schema_version":"1.7.3"}