The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack.
https://github.com/BT123/testcasesForMyRequest/tree/master/CVE-2017-12852