{"id":"CVE-2021-41500","details":"Incomplete string comparison vulnerability exits in cvxopt.org cvxop \u003c= 1.2.6 in APIs (cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve), which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects.","aliases":["GHSA-8rh6-h94m-vj54","PYSEC-2021-870"],"modified":"2026-03-14T11:14:39.754717Z","published":"2021-12-17T21:15:07.777Z","references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CXTPM3DGVYTYQ54OFCMXZVWVOMR7JM2D/"},{"type":"FIX","url":"https://github.com/cvxopt/cvxopt/issues/193"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cvxopt/cvxopt","events":[{"introduced":"0"},{"last_affected":"60fdb838e0bb2d8f32ba51129552c83b55acd2a7"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.2.6"}]}}],"versions":["1.1.1","1.1.2","1.1.3","1.1.4","1.1.5","1.1.6","1.1.7","1.1.8","1.1.9","1.2.0","1.2.1","1.2.2","1.2.3","1.2.4","1.2.5","1.2.6"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41500.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"34"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}