Lucene search
GoogleOSV:CVE-2024-34997HistoryMay 17, 2024 - 7:15 p.m.
CVE-2024-34997
2024-05-1719:15:07
Google
osv.dev
2
cve-2024-34997
joblib
deserialization
vulnerability
numpyarraywrapper
software
joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpy_pickle::NumpyArrayWrapper().read_array().
| CPE | Name | Operator | Version |
|---|---|---|---|
| joblib | eq | 0.13.0-2+deb10u1 | |
| joblib | eq | 1.1.0-1 | |
| joblib | eq | 0.14.0-3 | |
| joblib | eq | 0.14.0-0.2 | |
| joblib | eq | 1.1.0-2 | |
| joblib | eq | 0.17.0-4+deb11u1 | |
| joblib | eq | 0.17.0-4 | |
| joblib | eq | 0.14.0-0.1 | |
| joblib | eq | 0.13.0-2 | |
| joblib | eq | 0.14.0-2 |
References
Related
debiancve
debiancve
CVE-2024-34997
2024-05-17 19:15:07
cve
cve
CVE-2024-34997
2024-05-17 19:15:07
nvd
nvd
CVE-2024-34997
2024-05-17 19:15:07
veracode
veracode
Deserialization Of Untrusted Data
2024-05-22 06:12:37
cvelist
cvelist
CVE-2024-34997
2024-05-17 00:00:00
redhatcve
redhatcve
CVE-2024-34997
2024-05-20 18:46:18
ubuntucve
ubuntucve
CVE-2024-34997
2024-05-17 00:00:00