Cvxopt Project: >> Cvxopt >> 1.2.3 Security Vulnerabilities
Incomplete string comparison vulnerability exits in cvxopt.org cvxop <= 1.2.6 in APIs (cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve), which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-12-17