View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-12852 severity moderate: SUSE including 295 source package names (amazon/suse-sles-15-sp1-chost-byos-v20210304-hvm-ssd-x86_64, amazon/suse-sles-15-sp1-chost-byos-v20220127-hvm-ssd-x86_64, …), 358 product×package rows across 58 product lines (SUSE CaaS Platform 4.0, SUSE CaaS Platform 4.5, … (58 product lines)): Known Affected 231, Known Not Affected 69, Fixed 58.
The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack.