Sunday, November 22, 2020
CVE-2020-28975
nist.gov
In: nist.gov
svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service (segmentation fault) via a crafted model SVM (introduced via pickle, json, or any other model permanence standard) with a large value in the _n_support array. CVE-2020-28975