### [CVE-2021-41496](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41496)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brightgreen)

### Description

Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimensions can only be created by an already privileged user (or internally)

### POC

#### Reference
- https://www.oracle.com/security-alerts/cpujul2022.html

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ChamalBandara/CVEs
- https://github.com/Daybreak2019/PolyCruise
- https://github.com/awen-li/PolyCruise
- https://github.com/baltsers/polycruise
- https://github.com/mangoding71/AGNC