CVE 2022-21797
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
See the 
CVE page on Mitre.org
for more details.
Launchpad.net
References
- MISC: https://github.com/job...
- MISC: https://github.com/job...
- MISC: https://github.com/job...
- MISC: https://security.snyk....
- FEDORA: FEDORA-2022-c0bfe37ae5
- FEDORA: FEDORA-2022-c83ce1c000
- MLIST: [debian-lts-announce] ...
- MLIST: [debian-lts-announce] ...
- GENTOO: GLSA-202401-01
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)