OESA-2022-1990
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1990
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2022-1990.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2022-1990
- Upstream
- Published
- 2022-10-14T11:04:25Z
- Modified
- 2025-09-03T06:18:02.038621Z
- Summary
- python-joblib security update
- Details
-
Joblib is a set of tools to provide lightweight pipelining in Python.
Security Fix(es):
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.(CVE-2022-21797)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:20.03-LTS-SP1 / python-joblib
Package
- Name
- python-joblib
- Purl
- pkg:rpm/openEuler/python-joblib&distro=openEuler-20.03-LTS-SP1
openEuler:20.03-LTS-SP3 / python-joblib
Package
- Name
- python-joblib
- Purl
- pkg:rpm/openEuler/python-joblib&distro=openEuler-20.03-LTS-SP3