command injection

Low
erelsgl published GHSA-77qv-gh6f-pgh4 Jun 15, 2020

Package

npm limdu (npm)

Affected versions

<= 0.94

Patched versions

0.95

Description

Impact

The trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability.

Patches

Patched in version 0.95.

Workarounds

Do not use trainBatch with classifiers that rely on shell execution, such as SVM Perf, SVM Linear or Adaboost.

References

No

Severity

Low

CVE ID

CVE-2020-4066

Weaknesses

No CWEs