VYPR
High severity7.5NVD Advisory· Published May 17, 2024· Updated Jun 17, 2026

CVE-2024-34997

CVE-2024-34997

Description

joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpy_pickle::NumpyArrayWrapper().read_array(). NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.