Homepage

amici@0.8.2 vulnerabilities

Advanced multi-language Interface to CVODES and IDAS

  • latest version

    0.30.0

  • latest non vulnerable version

    0.30.0

  • first published

    6 years ago

  • latest version published

    1 months ago

  • licenses detected

  • View amici package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the amici package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Race Condition

    amici is an Advanced multi-language Interface to CVODES and IDAS

    Affected versions of this package are vulnerable to Race Condition due to the use of shared static variables in multi-threaded contexts.

    Exploiting this vulnerability is possible by triggering concurrent executions, leading to data corruption or unexpected behavior. The vulnerability arises from the eval_counter and root_buffer variables in solver.cpp and solver_cvodes.cpp not being thread-safe.

    How to fix Race Condition?

    Upgrade amici to version 0.29.0 or higher.

    [,0.29.0)
    Go back to all versions of this package