The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack. Upstream bug: https://github.com/numpy/numpy/issues/9560#issuecomment-322395292
Created numpy tracking bugs for this issue: Affects: fedora-all [bug 1483690] Created python3-numpy tracking bugs for this issue: Affects: epel-all [bug 1483689]