CVE-2020-28975 – svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other pro …

Vuln ID: CVE-2020-28975

Published:  2020-11-21  21:15:10Z

Description: svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service (segmentation fault) via a crafted model SVM (introduced via pickle, json, or any other model permanence standard) with a large value in the _n_support array.

Source: NVD.NIST.GOV