{"id":"PYSEC-2019-156","details":"The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories.","aliases":["CVE-2013-4251","GHSA-xp76-357g-9wqq"],"modified":"2024-04-29T10:28:13.967342Z","published":"2019-11-04T20:15:00Z","references":[{"type":"WEB","url":"https://security-tracker.debian.org/tracker/CVE-2013-4251"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4251"},{"type":"WEB","url":"https://access.redhat.com/security/cve/cve-2013-4251"},{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4251"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/88052"},{"type":"FIX","url":"https://github.com/scipy/scipy/commit/bd296e0336420b840fcd2faabb97084fd252a973"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119759.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119771.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/63008"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120696.html"}],"affected":[{"package":{"name":"scipy","ecosystem":"PyPI","purl":"pkg:pypi/scipy"},"ranges":[{"type":"GIT","repo":"https://github.com/scipy/scipy","events":[{"introduced":"0"},{"fixed":"bd296e0336420b840fcd2faabb97084fd252a973"}]},{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.12.1"}]}],"versions":["0.10.0","0.10.1","0.11.0","0.12.0","0.4.4","0.5.2","0.6.0","0.7.0","0.7.2","0.8.0","0.9.0"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/scipy/PYSEC-2019-156.yaml"}}],"schema_version":"1.7.3"}