How severe is CVE-2021-33430?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2021-33430?

This is classified as CWE-120, which is a common weakness in software security.

CVE-2021-33430 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a vulneraility; In (very limited) circumstances a user may be able provoke the buffer overflow, the user is most likely already privileged to at least provoke denial of service by exhausting memory. Triggering this further requires the use of uncommon API (complicated structured dtypes), which is very unlikely to be available to an unprivileged user

Related Vulnerabilities

CVE-2018-14788

MEDIUM

CVSS:5.3(Medium)

Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer overflow information disclosure vulnerability occurs when parsing certain file types.

CWE-1202018

CVE-2020-26422

MEDIUM

CVSS:5.3(Medium)

Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file

CWE-1202020

CVE-2020-4465

MEDIUM

CVSS:5.3(Medium)

IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS is vulnerable to a buffer overflow vulnerability due to an error within the channel processing code. A remote attacker cou...

CWE-1202020

CVE-2020-4869

MEDIUM

CVSS:5.3(Medium)

IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial of service, caused by a buffer overflow. A remote attacker could send a specially crafted SNMP query to cause the appliance to reload. IBM...

CWE-1202020

CVE-2020-7120

MEDIUM

CVSS:5.3(Medium)

A local authenticated buffer overflow vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard could allow...

CWE-1202020

CVE-2021-29297

MEDIUM

CVSS:5.3(Medium)

Buffer Overflow in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack t...

CWE-1202021