cvxopt@1.1.6 vulnerabilities

Convex optimization package

latest version

1.3.2
latest non vulnerable version

1.3.2
first published

10 years ago
latest version published

10 months ago
licenses detected
- GPL-3.0
  [0,)
View cvxopt package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the cvxopt package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Denial of Service (DoS) cvxopt is a Convex optimization package Affected versions of this package are vulnerable to Denial of Service (DoS). An incomplete string comparison vulnerability exists in multiple APIs (`cvxopt.cholmod.diag`, `cvxopt.cholmod.getfactor`, `cvxopt.cholmod.solve`, `cvxopt.cholmod.spsolve`), which allows attackers to conduct Denial of Service attacks by constructing fake Capsule objects. How to fix Denial of Service (DoS)? Upgrade `cvxopt` to version 1.2.7 or higher.	[,1.2.7)

Denial of Service (DoS)

cvxopt is a Convex optimization package

Affected versions of this package are vulnerable to Denial of Service (DoS). An incomplete string comparison vulnerability exists in multiple APIs (cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve), which allows attackers to conduct Denial of Service attacks by constructing fake Capsule objects.

How to fix Denial of Service (DoS)?

Upgrade cvxopt to version 1.2.7 or higher.

[,1.2.7)

Go back to all versions of this package

cvxopt@1.1.6 vulnerabilities

Convex optimization package

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities