CVE-2017-12852

The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack.
Infinite Loop
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
Affected Products (NVD)
VendorProductVersion
numpynumpy
𝑥
≤ 1.13.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
python-numpy
artful
ignored
bionic
needed
cosmic
ignored
disco
ignored
eoan
not-affected
focal
not-affected
groovy
dne
hirsute
dne
impish
dne
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
dne
xenial
needed
zesty
ignored
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
python-numpy_1_13_3-gnu-hpc
suse enterprise sap 12 SP2
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP3
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP4
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP5
1.13.3-4.6.1
fixed
suse enterprise server 12 SP2
1.13.3-4.6.1
fixed
suse enterprise server 12 SP3
1.13.3-4.6.1
fixed
suse enterprise server 12 SP4
1.13.3-4.6.1
fixed
suse enterprise server 12 SP5
1.13.3-4.6.1
fixed
python-numpy_1_13_3-gnu-hpc-devel
suse enterprise sap 12 SP2
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP3
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP4
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP5
1.13.3-4.6.1
fixed
suse enterprise server 12 SP2
1.13.3-4.6.1
fixed
suse enterprise server 12 SP3
1.13.3-4.6.1
fixed
suse enterprise server 12 SP4
1.13.3-4.6.1
fixed
suse enterprise server 12 SP5
1.13.3-4.6.1
fixed
python2-numpy
suse enterprise desktop 15
1.14.0-2.25
fixed
suse enterprise sap 15
1.14.0-2.25
fixed
suse enterprise server 15
1.14.0-2.25
fixed
python2-numpy-devel
suse enterprise desktop 15
1.14.0-2.25
fixed
suse enterprise sap 15
1.14.0-2.25
fixed
suse enterprise server 15
1.14.0-2.25
fixed
python2-numpy-gnu-hpc
suse enterprise sap 12 SP2
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP3
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP4
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP5
1.13.3-4.6.1
fixed
suse enterprise server 12 SP2
1.13.3-4.6.1
fixed
suse enterprise server 12 SP3
1.13.3-4.6.1
fixed
suse enterprise server 12 SP4
1.13.3-4.6.1
fixed
suse enterprise server 12 SP5
1.13.3-4.6.1
fixed
python2-numpy-gnu-hpc-devel
suse enterprise sap 12 SP2
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP3
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP4
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP5
1.13.3-4.6.1
fixed
suse enterprise server 12 SP2
1.13.3-4.6.1
fixed
suse enterprise server 12 SP3
1.13.3-4.6.1
fixed
suse enterprise server 12 SP4
1.13.3-4.6.1
fixed
suse enterprise server 12 SP5
1.13.3-4.6.1
fixed
python3-numpy
suse enterprise desktop 15
1.14.0-2.25
fixed
suse enterprise desktop 15 SP1
1.14.0-4.5.1
fixed
suse enterprise desktop 15 SP2
1.17.3-4.11.1
fixed
suse enterprise desktop 15 SP3
1.17.3-7.1
fixed
suse enterprise desktop 15 SP4
1.17.3-150400.21.32
fixed
suse enterprise desktop 15 SP5
1.17.3-150400.23.3.1
fixed
suse enterprise desktop 15 SP6
1.17.3-150400.28.37
fixed
suse enterprise desktop 15 SP7
1.17.3-150400.31.1
fixed
suse enterprise sap 15
1.14.0-2.25
fixed
suse enterprise sap 15 SP1
1.14.0-4.5.1
fixed
suse enterprise sap 15 SP2
1.17.3-4.11.1
fixed
suse enterprise sap 15 SP3
1.17.3-7.1
fixed
suse enterprise sap 15 SP4
1.17.3-150400.21.32
fixed
suse enterprise sap 15 SP5
1.17.3-150400.23.3.1
fixed
suse enterprise sap 15 SP6
1.17.3-150400.28.37
fixed
suse enterprise sap 15 SP7
1.17.3-150400.31.1
fixed
suse enterprise server 15
1.14.0-2.25
fixed
suse enterprise server 15 SP1
1.14.0-4.5.1
fixed
suse enterprise server 15 SP2
1.17.3-4.11.1
fixed
suse enterprise server 15 SP3
1.17.3-7.1
fixed
suse enterprise server 15 SP4
1.17.3-150400.21.32
fixed
suse enterprise server 15 SP5
1.17.3-150400.23.3.1
fixed
suse enterprise server 15 SP6
1.17.3-150400.28.37
fixed
suse enterprise server 15 SP7
1.17.3-150400.31.1
fixed
python3-numpy-devel
suse enterprise desktop 15
1.14.0-2.25
fixed
suse enterprise desktop 15 SP1
1.14.0-4.5.1
fixed
suse enterprise desktop 15 SP2
1.17.3-4.11.1
fixed
suse enterprise desktop 15 SP3
1.17.3-7.1
fixed
suse enterprise desktop 15 SP4
1.17.3-150400.21.32
fixed
suse enterprise desktop 15 SP5
1.17.3-150400.23.3.1
fixed
suse enterprise desktop 15 SP6
1.17.3-150400.28.37
fixed
suse enterprise desktop 15 SP7
1.17.3-150400.31.1
fixed
suse enterprise sap 15
1.14.0-2.25
fixed
suse enterprise sap 15 SP1
1.14.0-4.5.1
fixed
suse enterprise sap 15 SP2
1.17.3-4.11.1
fixed
suse enterprise sap 15 SP3
1.17.3-7.1
fixed
suse enterprise sap 15 SP4
1.17.3-150400.21.32
fixed
suse enterprise sap 15 SP5
1.17.3-150400.23.3.1
fixed
suse enterprise sap 15 SP6
1.17.3-150400.28.37
fixed
suse enterprise sap 15 SP7
1.17.3-150400.31.1
fixed
suse enterprise server 15
1.14.0-2.25
fixed
suse enterprise server 15 SP1
1.14.0-4.5.1
fixed
suse enterprise server 15 SP2
1.17.3-4.11.1
fixed
suse enterprise server 15 SP3
1.17.3-7.1
fixed
suse enterprise server 15 SP4
1.17.3-150400.21.32
fixed
suse enterprise server 15 SP5
1.17.3-150400.23.3.1
fixed
suse enterprise server 15 SP6
1.17.3-150400.28.37
fixed
suse enterprise server 15 SP7
1.17.3-150400.31.1
fixed
python3-numpy-gnu-hpc
suse enterprise sap 12 SP2
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP3
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP4
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP5
1.13.3-4.6.1
fixed
suse enterprise server 12 SP2
1.13.3-4.6.1
fixed
suse enterprise server 12 SP3
1.13.3-4.6.1
fixed
suse enterprise server 12 SP4
1.13.3-4.6.1
fixed
suse enterprise server 12 SP5
1.13.3-4.6.1
fixed
python3-numpy-gnu-hpc-devel
suse enterprise sap 12 SP2
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP3
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP4
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP5
1.13.3-4.6.1
fixed
suse enterprise server 12 SP2
1.13.3-4.6.1
fixed
suse enterprise server 12 SP3
1.13.3-4.6.1
fixed
suse enterprise server 12 SP4
1.13.3-4.6.1
fixed
suse enterprise server 12 SP5
1.13.3-4.6.1
fixed
python3-numpy_1_13_3-gnu-hpc
suse enterprise sap 12 SP2
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP3
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP4
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP5
1.13.3-4.6.1
fixed
suse enterprise server 12 SP2
1.13.3-4.6.1
fixed
suse enterprise server 12 SP3
1.13.3-4.6.1
fixed
suse enterprise server 12 SP4
1.13.3-4.6.1
fixed
suse enterprise server 12 SP5
1.13.3-4.6.1
fixed
python3-numpy_1_13_3-gnu-hpc-devel
suse enterprise sap 12 SP2
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP3
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP4
1.13.3-4.6.1
fixed
suse enterprise sap 12 SP5
1.13.3-4.6.1
fixed
suse enterprise server 12 SP2
1.13.3-4.6.1
fixed
suse enterprise server 12 SP3
1.13.3-4.6.1
fixed
suse enterprise server 12 SP4
1.13.3-4.6.1
fixed
suse enterprise server 12 SP5
1.13.3-4.6.1
fixed
Common Weakness Enumeration
References
https://github.com/BT123/testcasesForMyRequest/tree/master/CVE-2017-12852
https://github.com/numpy/numpy/issues/9560#issuecomment-322395292
https://github.com/BT123/testcasesForMyRequest/tree/master/CVE-2017-12852
https://github.com/numpy/numpy/issues/9560#issuecomment-322395292