CVE-2024-34997 Information

Description

joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpy_pickle::NumpyArrayWrapper().read_array().

Reference

https://github.com/joblib/joblib/issues/1582