6 matches found
CVE-2024-34997
joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...
PYSEC-2024-277
joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...
DEBIAN-CVE-2024-34997
joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...
PT-2024-26286
Name of the Vulnerable Software and Affected Versions joblib version 1.4.2 Description A deserialization issue was found in the joblib.numpy pickle::NumpyArrayWrapper.read array component. This issue is disputed by the supplier, who claims that NumpyArrayWrapper is only used during caching of...
CVE-2024-34997
CVE-2024-34997 affects joblib v1.4.2, with a deserialization vulnerability in the joblib.numpy_pickle::NumpyArrayWrapper().read_array(). The supplier disputes the issue, noting NumpyArrayWrapper is used only for caching trusted content. Affected/linked advisories cite an unsafe pickle-based deser...
CVE-2024-34997
joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpypickle::NumpyArrayWrapper.readarray. NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content...