93 matches found
GLSA-202401-01 : Joblib: Arbitrary Code Execution
The remote host is affected by the vulnerability described in GLSA-202401-01 Joblib: Arbitrary Code Execution - The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement. CVE-2022-21797 Note that Ness...
FreeBSD : py39-joblib -- arbitrary code execution (845f8430-d0ee-4134-ae35-480a3e139b8a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 845f8430-d0ee-4134-ae35-480a3e139b8a advisory. - The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the...
Debian: Security Advisory (DLA-3193-2)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 3193-2] joblib security update
Debian LTS Advisory DLA-3193-2 [email protected] https://www.debian.org/lts/security/ Helmut Grohne March 30, 2023 https://wiki.debian.org/LTS Package : joblib Version : 0.13.0-2+deb10u2 CVE ID : CVE-2022-21797 Debian Bug : 1020820 It was discovered that joblib did not completely saniti...
DLA-3193-2 joblib - security update
Bulletin has no description...
SUSE CVE-2020-13092
scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load() function, if __reduce__ makes an os.system call. NOTE: third parties dispute this issue because the joblib.load() function is documented as unsafe and it is the user's...
SUSE CVE-2022-21797
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement...
Fedora 36 : python-joblib (2022-c0bfe37ae5)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-c0bfe37ae5 advisory. Security fix for CVE-2022-21797 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
openSUSE 15 Security Update : python-joblib (openSUSE-SU-2022:10214-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2022:10214-1 advisory. - The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval...
OPENSUSE-SU-2022:10214-1 Security update for python-joblib
This update for python-joblib fixes the following issues: - CVE-2022-21797: Fixed arbitrary code execution in joblib boo1204232...
Security update for python-joblib (important)
openSUSE Security Update: Security update for python-joblib Announcement ID: openSUSE-SU-2022:10214-1 Rating: important References: 1204232 Cross-References: CVE-2022-21797 CVSS scores: CVE-2022-21797 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports...
Debian: Security Advisory (DLA-3193-2)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 3193-1] joblib security update
Debian LTS Advisory DLA-3193-1 [email protected] https://www.debian.org/lts/security/ Dominik George November 17, 2022 https://wiki.debian.org/LTS Package : joblib Version : 0.13.0-2+deb10u1 CVE ID : CVE-2022-21797 Debian Bug : 1020820 It was discovered that joblib did not properly...
Debian dla-3193 : python-joblib - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3193 advisory. Debian LTS Advisory DLA-3193-1 [email protected] https://www.debian.org/lts/security/...
Fedora: Security Advisory for python-joblib (FEDORA-2022-c83ce1c000)
The remote host is missing an update for the...
[SECURITY] Fedora 37 Update: python-joblib-1.2.0-1.fc37
Joblib is a set of tools to provide lightweight pipelining in Python. In particular, joblib offers: transparent disk-caching of the output values and lazy re-evaluation (memoize pattern); easy simple parallel computing; logging and tracing of the execution...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that enable the assisted mapping capability may be vulnerable to arbitrary code injection due to CVE-2022-21797
Summary Python module Joblib used by IBM App Connect Enterprise Certified Container for mapping assistance in flow development. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that enable mapping assistance may be vulnerable to arbitrary code injection. This bulletin...
Mageia: Security Advisory (MGASA-2022-0375)
The remote host is missing an update for the...
Updated python-joblib packages fix security vulnerability
Arbitrary Code Execution in joblib CVE-2022-21797...
MGASA-2022-0375 Updated python-joblib packages fix security vulnerability
Arbitrary Code Execution in joblib CVE-2022-21797...