exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2020-13092

больше 5 лет назад

scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load() function, if __reduce__ makes an os.system call. NOTE: third parties dispute this issue because the joblib.load() function is documented as unsafe and it is the user's responsibility to use the function in a secure manner

CVSS3: 9.8

EPSS: Низкий

CVE-2020-13092

больше 5 лет назад

scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load() function, if __reduce__ makes an os.system call. NOTE: third parties dispute this issue because the joblib.load() function is documented as unsafe and it is the user's responsibility to use the function in a secure manner

CVSS3: 9.8

EPSS: Низкий

CVE-2020-13092

больше 5 лет назад

scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute ...

CVSS3: 9.8

EPSS: Низкий

GHSA-jjw5-xxj6-pcv5

больше 3 лет назад

scikit-learn Deserialization of Untrusted Data

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2020-13092 scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load() function, if __reduce__ makes an os.system call. NOTE: third parties dispute this issue because the joblib.load() function is documented as unsafe and it is the user's responsibility to use the function in a secure manner	CVSS3: 9.8	1% Низкий	больше 5 лет назад
CVE-2020-13092 scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load() function, if __reduce__ makes an os.system call. NOTE: third parties dispute this issue because the joblib.load() function is documented as unsafe and it is the user's responsibility to use the function in a secure manner	CVSS3: 9.8	1% Низкий	больше 5 лет назад
CVE-2020-13092 scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute ...	CVSS3: 9.8	1% Низкий	больше 5 лет назад
GHSA-jjw5-xxj6-pcv5 scikit-learn Deserialization of Untrusted Data	CVSS3: 9.8	1% Низкий	больше 3 лет назад

Уязвимостей на страницу