VYPR

joblib

by joblib

Source repositories

CVEs (1)

  • CVE-2024-34997HigMay 17, 2024
    risk 0.49cvss 7.5epss 0.01

    joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpy_pickle::NumpyArrayWrapper().read_array(). NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content.