** DISPUTED ** joblib v1.4.2 was... CVE-2024-34997

- AV AC AU C I A
发布: 2024-05-17
修订: 2024-08-27

** DISPUTED ** joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpy_pickle::NumpyArrayWrapper().read_array(). NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content.

暂无可用Exp或PoC
当前有0条受影响产品信息