Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2024/05/20 6:46 p.m.23 views

CVE-2024-34997

A flaw was found in python-joblib. A deserialization vulnerability via the joblib.numpypickle::NumpyArrayWrapper.readarray component uses the insecure pickle python library when used with untrusted inputs...

8.1CVSS6.5AI score0.00664EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2024/05/17 7:15 p.m.4 views

CVE-2024-34997

joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...

7.5CVSS7.4AI score0.00664EPSS
Exploits1References2
NVD
NVD
added 2024/05/17 7:15 p.m.18 views

CVE-2024-34997

joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...

7.5CVSS6.9AI score0.00664EPSS
Exploits1References2
PyPA
PyPA
added 2024/05/17 7:15 p.m.12 views

PYSEC-2024-277

joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...

7.5CVSS6.5AI score0.00664EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2024/05/17 7:15 p.m.3 views

DEBIAN-CVE-2024-34997

joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...

7.5CVSS6.2AI score0.00664EPSS
Exploits1References1
OSV
OSV
added 2024/05/17 7:15 p.m.18 views

CVE-2024-34997

joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...

7.5CVSS7.5AI score
Exploits0References2
OSV
OSV
added 2024/05/17 7:15 p.m.9 views

PYSEC-2024-277

joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...

7.5CVSS6.5AI score0.00664EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2024/05/17 7:15 p.m.27 views

CVE-2024-34997

joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...

7.5CVSS6.6AI score0.00664EPSS
Exploits1References2
OSV
OSV
added 2024/05/17 7:15 p.m.2 views

UBUNTU-CVE-2024-34997

DISPUTED joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...

7.5CVSS5.8AI score0.00664EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/05/17 12:0 a.m.31 views

CVE-2024-34997

joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...

6.8AI score0.00664EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/05/17 12:0 a.m.25 views

CVE-2024-34997

joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...

7.2AI score0.00664EPSS
Exploits1References2
CVE
CVE
added 2024/05/17 12:0 a.m.100 views

CVE-2024-34997

CVE-2024-34997 affects joblib v1.4.2, with a deserialization vulnerability in the joblib.numpy_pickle::NumpyArrayWrapper().read_array(). The supplier disputes the issue, noting NumpyArrayWrapper is used only for caching trusted content. Affected/linked advisories cite an unsafe pickle-based deser...

7.5CVSS6.8AI score0.00664EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2024/05/17 12:0 a.m.19 views

CVE-2024-34997

joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...

7.5CVSS6.1AI score0.00664EPSS
Exploits1
Rows per page
Query Builder