Arbitrary Code Execution
joblib is vulnerable to arbitrary code execution. The vulnerability exists in batchedcallsreducercallback function of parallel.py via the predispatched flag in Parallel class due to the eval statement. When the attacker enters a statement in the flag predispatch it will run whatever the attacker...