Joblib_project Joblib
2 CVEs affecting Joblib_project Joblib. Latest disclosed: 2024-05-17. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-34997 | High | 7.5 | 2024-05-17 | joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpy_pickle::NumpyArrayWrapper().read_array(). NOTE: this is⦠|
CVE-2022-21797 | High | 7.3 | 2022-09-26 | The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement. |