VYPR

PyPI package

distributed

pkg:pypi/distributed

Vulnerabilities (2)

  • CVE-2026-23528Jan 16, 2026
    affected < 2026.1.0fixed 2026.1.0

    Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting (XSS) b

  • CVE-2021-42343Oct 26, 2021
    affected < 2021.10.0fixed 2021.10.0

    An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client (which defaults to using LocalCluster) would mistakenly configure their respective Dask workers