17 matches found
Astra Linux - уязвимость в joblib
The joblib package from versions 0 and before 1.2.0 is vulnerable to Arbitrary Code Execution through the predispatch flag in the Parallel class, due to the eval statement...
EUVD-2022-0128
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-21797
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
joblib vulnerable to arbitrary code execution
The package joblib from 0 and before 1.2.0 is vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
CVE-2022-21797
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
PYSEC-2022-288
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
UBUNTU-CVE-2022-21797
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
Code injection
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
PYSEC-2022-288
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
CVE-2022-21797 Arbitrary Code Execution
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
CVE-2022-21797
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
CVE-2022-21797
CVE-2022-21797 affects joblib: versions 0 up to 1.1.x are vulnerable to arbitrary code execution via the pre_dispatch flag in Parallel(), caused by an eval() statement. Severity is high/critical per sources; impact is arbitrary code execution. Remediation: upgrade to joblib 1.2.0 or later (e.g., ...
CVE-2022-21797 Arbitrary Code Execution
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
CVE-2022-21797
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
joblib 安全漏洞
joblib is joblib open source set of tools to provide lightweight pipelining in Python. Joblib package versions prior to 1.2.0 has a security vulnerability , the vulnerability stems from its Parallel class in the predispatch flag allows an attacker to achieve arbitrary code execution through eval...
CVE-2022-21797
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
Arbitrary Code Execution
Overview joblib is a Lightweight pipelining with Python functions Affected versions of this package are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement. PoC py def f: return 1 p = Parallelnjobs=3, predispatch="sys.exit0" pdelayedf for i ...