Security
Security
A vulnerability was found in scikit-learn which could result in denial of service.
| Package | sci-libs/scikit-learn on all architectures |
|---|---|
| Affected versions | < 1.1.1 |
| Unaffected versions | >= 1.1.1 |
scikit-learn is a machine learning library for Python.
When supplied with a crafted model SVM, predict() can result in a null pointer dereference.
An attcker capable of providing a crafted model to scikit-learn can result in denial of service.
There is no known workaround at this time.
All scikit-learn users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sci-libs/scikit-learn-1.1.1"
Release date
January 11, 2023
Latest revision
January 11, 2023: 1
Severity
low
Exploitable
remote
Bugzilla entries