GHSA-p4m5-32pr-2hqr

Source

https://github.com/advisories/GHSA-p4m5-32pr-2hqr

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-p4m5-32pr-2hqr/GHSA-p4m5-32pr-2hqr.json

JSON Data

https://api.test.osv.dev/v1/vulns/GHSA-p4m5-32pr-2hqr

Published

2024-02-26T20:04:19Z

Modified

2024-12-04T05:37:46.573891Z

Summary

PyPop C extensions possible vulnerability: missing arguments and redundant null pointers

Details

Impact

Code scanning revealed possible vulnerability in C extensions for PyPop: incorrect function calls (missing arguments or wrongly typed arguments) and redundant null pointers.

Patches

The problem has been patched and fixed in the latest release of PyPop: 1.0.2. Please upgrade your PyPop installation via:

pip install -U pypop-genomics

Workarounds

No. Upgrade to the latest package: 1.0.2.

References

N/A

Database specific

{
    "severity": "LOW",
    "github_reviewed_at": "2024-02-26T20:04:19Z",
    "github_reviewed": true,
    "cwe_ids": [],
    "nvd_published_at": null
}

References

Affected packages

PyPI / pypop-genomics

Package

Name: pypop-genomics; View open source insights on deps.dev
Purl: pkg:pypi/pypop-genomics

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.2

Affected versions

1.*

1.0.0a38

1.0.0a39

1.0.0a40

1.0.0b1

1.0.0b2

1.0.0b3

1.0.0b4

1.0.0b5

1.0.0b6

1.0.0b7

1.0.0b8

1.0.0rc1

1.0.0rc2

1.0.0

1.0.1rc1

1.0.1rc2

1.0.1rc3

1.0.1