CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
9.0%
A vulnerability was found in the scikit-learn package. Before version 1.4.1, post1 scikit-learn stores all tokens with “stop_words_” attributes. This action may cause scikit-learn to expose sensitive data that will not be used in the model training, possibly leaking passwords and keys.