CVE-2017-12852: Loop with Unreachable Exit Condition (Infinite Loop)

August 15, 2017 (updated October 3, 2019)

The numpy.pad function in Numpy versions is missing input validation. An empty list or array will stick into an infinite loop, which can allow attackers to cause a DoS attack.

References

nvd.nist.gov/vuln/detail/CVE-2017-12852

Code Behaviors & Features

Detect and mitigate CVE-2017-12852 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →