Homepage

scipy

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the scipy package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
CVE-2023-40217

<0:1.0.0-21.module+el8.10.0+1592+61442852
  • M
CVE-2023-32681

<0:1.0.0-22.module+el8.10.0+1817+0b01df83
  • M
Directory Traversal

<0:1.5.4-5.module+el8.10.0+1860+afcc1c71
  • H
CVE-2025-8291

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
CVE-2025-6075

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
CVE-2025-6069

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
CVE-2025-4517

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
CVE-2025-4516

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
CVE-2025-4435

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
CVE-2025-4330

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
CVE-2025-4138

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
CVE-2025-0938

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
Arbitrary Command Injection

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
CVE-2024-5642

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
CVE-2024-11168

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • M
CVE-2025-8194

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • M
Directory Traversal

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • L
Out-of-bounds Read

<0:1.0.0-21.module+el8.10.0+1592+61442852
  • M
Insufficient Verification of Data Authenticity

<0:1.5.4-5.module+el8.10.0+1860+afcc1c71
  • M
CVE-2024-8088

<0:1.5.4-5.module+el8.10.0+1860+afcc1c71
  • M
CVE-2024-6923

<0:1.5.4-5.module+el8.10.0+1860+afcc1c71
  • M
Arbitrary Code Injection

<0:1.5.4-5.module+el8.10.0+1860+afcc1c71
  • M
CVE-2024-4032

<0:1.5.4-5.module+el8.10.0+1860+afcc1c71
  • M
Cross-site Scripting (XSS)

<0:1.0.0-22.module+el8.10.0+1817+0b01df83
  • M
XML External Entity (XXE) Injection

<0:1.0.0-22.module+el8.10.0+1817+0b01df83
  • M
Use After Free

<0:1.0.0-22.module+el8.10.0+1817+0b01df83
  • H
Arbitrary Command Injection

<0:1.0.0-21.module+el8.10.0+1592+61442852
  • M
Inefficient Regular Expression Complexity

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
Inefficient Regular Expression Complexity

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
CVE-2024-0450

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
CVE-2023-6597

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • M
CVE-2023-43804

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • M
Improper Input Validation

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • M
Improper Check for Unusual or Exceptional Conditions

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • M
Inefficient Regular Expression Complexity

<0:1.5.4-5.module+el8.10.0+1582+bc278001
  • H
Improper Input Validation

<0:1.3.1-4.module+el8.5.0+672+ab6eb015
  • M
Directory Traversal

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
CRLF Injection

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
CRLF Injection

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
CVE-2019-16056

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
Improper Certificate Validation

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
CRLF Injection

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
Improper Input Validation

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
CVE-2018-20060

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
Insufficiently Protected Credentials

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
Arbitrary Command Injection

<0:1.5.4-3.module+el8.4.0+574+843c4898
  • M
Cross-site Scripting (XSS)

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
Deserialization of Untrusted Data

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
Directory Traversal

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
Resource Exhaustion

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
Improper Input Validation

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
Use of Insufficiently Random Values

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
Deserialization of Untrusted Data

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
CVE-2021-3572

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
Directory Traversal

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
Resource Exhaustion

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
CVE-2021-29921

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
Improper Input Validation

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
Buffer Overflow

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
Cross-site Scripting (XSS)

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
Arbitrary Code Injection

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
Double Free

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
Arbitrary Code Injection

<0:1.0.0-20.module+el8.3.0+120+426d8baf
  • M
Directory Traversal

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
Cross-site Scripting (XSS)

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
Inefficient Regular Expression Complexity

<0:1.0.0-21.module+el8.5.0+671+195e4563
  • M
HTTP Request Smuggling

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.0.0-21.module+el8.5.0+671+195e4563
  • M
Resource Exhaustion

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
CVE-2020-27619

<0:1.3.1-4.module+el8.4.0+570+c2eaf144
  • M
Arbitrary Code Injection

<0:1.0.0-21.module+el8.5.0+671+195e4563
  • M
Arbitrary Code Injection

<0:1.5.4-3.module+el8.4.0+574+843c4898
  • M
Unchecked Return Value

<0:1.0.0-21.module+el8.5.0+671+195e4563
  • M
Resource Exhaustion

<0:1.5.4-3.module+el8.4.0+574+843c4898
  • M
Resource Exhaustion

<0:1.5.4-3.module+el8.4.0+574+843c4898
  • H
CVE-2022-42919

<0:1.5.4-3.module+el8.4.0+574+843c4898