6.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
A flaw was found in python-joblib. A deserialization vulnerability via the joblib.numpy_pickle::NumpyArrayWrapper().read_array() component uses the insecure pickle python library when used with untrusted inputs.
bugzilla.redhat.com/show_bug.cgi?id=2281993
docs.python.org/3.11//library/pickle.html
nvd.nist.gov/vuln/detail/CVE-2024-34997
www.cve.org/CVERecord?id=CVE-2024-34997