Vulnerabilities > Scikit Learn

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-06	CVE-2024-5206	Insecure Storage of Sensitive Information vulnerability in Scikit-Learn A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. local high complexity scikit-learn CWE-922	4.7
2020-11-21	CVE-2020-28975	Unspecified vulnerability in Scikit-Learn 0.23.2 svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service (segmentation fault) via a crafted model SVM (introduced via pickle, json, or any other model permanence standard) with a large value in the _n_support array. network low complexity scikit-learn	7.5
2020-05-15	CVE-2020-13092	Deserialization of Untrusted Data vulnerability in Scikit-Learn scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load() function, if __reduce__ makes an os.system call. network low complexity scikit-learn CWE-502 critical	9.8

Vulnerabilities > Scikit Learn {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Scikit Learn"}]}