| ID | CVE-2020-28975 | ||||||
| Sažetak | svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service (segmentation fault) via a crafted model SVM (introduced via pickle, json, or any other model permanence standard) with a large value in the _n_support array. NOTE: the scikit-learn vendor's position is that the behavior can only occur if the library's API is violated by an application that changes a private attribute. | ||||||
| Reference |
|
||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:L/Au:N/C:N/I:N/A:P | ||||||
| Zadnje važnije ažuriranje | 04-08-2024 - 17:15 | ||||||
| Objavljeno | 21-11-2020 - 21:15 |

