CVE-2024-5206 | scikit-learn up to 1.4.x stop_words_ missing access control

Posted by Angelo Barbosa | Jun 6, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in scikit-learn up to 1.4.x. Affected by this issue is some unknown functionality. The manipulation of the argument stop_words_ leads to storage of sensitive data in a mechanism without access control.

This vulnerability is handled as CVE-2024-5206. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-5206 | scikit-learn up to 1.4.x stop_words_ missing access control

Related Posts

CVE-2024-36581 | abw badger-database 1.2.1 dist/badger-database.esm prototype pollution

CVE-2023-51773 | BACnet Stack up to 1.3.1 APDU bacapp.c bacapp_decode_application_data buffer overflow

CVE-2024-4634 | Elementor Header & Footer Builder Plugin up to 1.6.28 on WordPress cross site scripting

CVE-2023-46958: lmxcms admin.php Privilege Escalation