CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

NVD•added 2022/09/26 5:15 a.m.•15 views

CVE-2022-21797

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...

9.8CVSS0.00265EPSS

Exploits1References9

OSV•added 2022/09/26 5:15 a.m.•46 views

PYSEC-2022-288

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...

9.8CVSS4.7AI score0.00265EPSS

Exploits1References4

OSV•added 2022/09/26 5:15 a.m.•0 views

UBUNTU-CVE-2022-21797

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...

9.8CVSS6.7AI score0.00265EPSS

Exploits1References6

PyPA•added 2022/09/26 5:15 a.m.•5 views

PYSEC-2022-288

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...

9.8CVSS5.5AI score0.00265EPSS

Exploits1References4Affected Software1

Debian CVE•added 2022/09/26 5:5 a.m.•30 views

CVE-2022-21797

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...

9.8CVSS7.2AI score0.00265EPSS

Exploits1

CVE•added 2022/09/26 5:5 a.m.•190 views

CVE-2022-21797

CVE-2022-21797 affects joblib: versions 0 up to 1.1.x are vulnerable to arbitrary code execution via the pre_dispatch flag in Parallel(), caused by an eval() statement. Severity is high/critical per sources; impact is arbitrary code execution. Remediation: upgrade to joblib 1.2.0 or later (e.g., ...

9.8CVSS8.4AI score0.00265EPSS

Exploits1References9Affected Software1

Vulnrichment•added 2022/09/26 5:5 a.m.•16 views

CVE-2022-21797 Arbitrary Code Execution

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...

7.3CVSS7.1AI score0.00265EPSS

Exploits1References9

AlpineLinux•added 2022/09/26 5:5 a.m.•51 views

CVE-2022-21797

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...

9.8CVSS8.5AI score0.00265EPSS

Exploits1

ATTACKERKB•added 2022/09/26 5:0 a.m.•2 views

CVE-2022-21797

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...

9.8CVSS6.8AI score0.00265EPSS

Exploits1References12

FreeBSD•added 2022/09/26 12:0 a.m.•19 views

py39-joblib -- arbitrary code execution

jimlinntu reports: The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...

9.8CVSS9.5AI score0.00265EPSS

Exploits1References2

UbuntuCve•added 2022/09/26 12:0 a.m.•37 views

CVE-2022-21797

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...

9.8CVSS6.8AI score0.00265EPSS

Exploits1References5

Snyk•added 2022/09/19 12:4 p.m.•1 views

Arbitrary Code Execution

Overview joblib is a Lightweight pipelining with Python functions Affected versions of this package are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement. PoC py def f: return 1 p = Parallelnjobs=3, predispatch="sys.exit0" pdelayedf for i ...

9.8CVSS5.4AI score0.00265EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by