First published: Mon Sep 26 2022(Updated: )
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
Credit: report@snyk.io report@snyk.io report@snyk.io
Affected Software | Affected Version | How to fix |
---|---|---|
<1.1.1 | ||
=36 | ||
=37 | ||
=10.0 | ||
Joblib Project Joblib | <1.1.1 | |
Fedoraproject Fedora | =36 | |
Fedoraproject Fedora | =37 | |
Debian Debian Linux | =10.0 | |
pip/joblib | <1.2.0 | 1.2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.