Описание
Numpy missing input validation
The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2017-12852
- https://github.com/numpy/numpy/issues/9560#issuecomment-322395292
- https://github.com/BT123/testcasesForMyRequest/tree/master/CVE-2017-12852
- https://github.com/advisories/GHSA-frgw-fgh6-9g52
- https://github.com/numpy/numpy/releases/tag/v1.13.3
- https://github.com/pypa/advisory-database/tree/main/vulns/numpy/PYSEC-2017-1.yaml
Пакеты
numpy
< 1.13.3
1.13.3
Связанные уязвимости
The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack.
The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack.
The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack.
The numpy.pad function in Numpy 1.13.1 and older versions is missing i ...
