CVE-2020-13092 – scikit-learn

Package

Manager: pip
Name: scikit-learn
Vulnerable Version: >=0 <=0.23.0

Severity

Level: Critical

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00817 pctl0.7348

Details

scikit-learn Deserialization of Untrusted Data scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the `joblib.load()` function, if `__reduce__` makes an `os.system call`. NOTE: third parties dispute this issue because the joblib.load() function is documented as unsafe and it is the user's responsibility to use the function in a secure manner.

Metadata

Created: 2022-05-24T17:17:59Z
Modified: 2024-10-22T17:21:50Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-jjw5-xxj6-pcv5/GHSA-jjw5-xxj6-pcv5.json
CWE IDs: ["CWE-502"]
Alternative ID: GHSA-jjw5-xxj6-pcv5
Finding: F096
Auto approve: 1