CVE-2017-12852
Description
The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.808
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2017-12852 are fixed in Python-numpy 1.13.3 | Windows |
| SUSE-SU-2022:3954-1(SUSE Linux Enterprise Server 12-SP5 ) python-numpy-1.8.0-5.19.1.x86_64.rpm | Linux |
| SUSE-SU-2022:3954-1(SUSE Linux Enterprise Server 12-SP5 ) python-numpy-debuginfo-1.8.0-5.19.1.x86_64.rpm | Linux |
| SUSE-SU-2022:3954-1(SUSE Linux Enterprise Server 12-SP5 ) python-numpy-debugsource-1.8.0-5.19.1.x86_64.rpm | Linux |
| Vulnerabilities CVE-2017-12852 are fixed in Python-numpy for linux 1.13.3 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234