Fix NumPy — CVE-2021-34141 MEDIUM
Fix CVE-2021-34141 (MEDIUM) in NumPy for PyPI. Paste your requirements.txt into PackageFix and get a patched version — no CLI, no signup. String comparison returning inconsistent results with null bytes.
⚠ Vulnerability
CVE-2021-34141 (MEDIUM) — string comparison returning inconsistent results with null bytes in NumPy versions below 1.26.4.
Vulnerable Version — requirements.txt
numpy==1.24.0
Fixed Version — requirements.txt
numpy==1.26.4
✓ Fix
Update NumPy to 1.26.4 or later. Run pip install -r requirements.txt to apply. Verify with your ecosystem's audit tool after updating.
Paste your manifest — get back a fixed version with all CVEs patched in seconds.
Open PackageFix →No signup · No CLI · No GitHub connection · Runs 100% in your browser
CVE Details
| Field | Value |
|---|---|
| CVE ID | CVE-2021-34141 |
| Severity | MEDIUM |
| Package | NumPy (PyPI) |
| Vulnerable versions | Below 1.26.4 |
| Safe version | 1.26.4 |
| CISA KEV | — |
| Description | String comparison returning inconsistent results with null bytes |
Frequently Asked Questions
What is CVE-2021-34141?
CVE-2021-34141 is a MEDIUM severity vulnerability in NumPy (PyPI). It allows string comparison returning inconsistent results with null bytes. Update to version 1.26.4 or later to fix it.
How do I fix CVE-2021-34141 in NumPy?
Update NumPy to version 1.26.4 in your requirements.txt. Run pip install -r requirements.txt after updating to apply the fix.
Is CVE-2021-34141 being actively exploited?
Check the live CISA KEV catalog at packagefix.dev — PackageFix always reflects the current KEV status.
How do I check if I am affected by CVE-2021-34141?
Paste your requirements.txt into PackageFix. If your installed version of NumPy is below 1.26.4, you are affected. PackageFix shows the exact CVE ID and fix version.
What search queries does this page target?
This page covers: NumPy CVE, numpy vulnerability, numpy security patch.