AI Threat Alert
CVE-2020-13092
CRITICALscikit-learn (aka sklearn) through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load() function, if __reduce__ makes an os.system call. NOTE: third...
Full analysis pending. Showing NVD description excerpt.
Affected Systems
| Package | Ecosystem | Vulnerable Range | Patched |
|---|---|---|---|
| scikit-learn | pip | — | No patch |
Do you use scikit-learn? You're affected.
Severity & Risk
Recommended Action
No patch available
Monitor for updates. Consider compensating controls or temporary mitigations.
Compliance Impact
Compliance analysis pending. Sign in for full compliance mapping when available.
Technical Details
NVD Description
scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load() function, if __reduce__ makes an os.system call. NOTE: third parties dispute this issue because the joblib.load() function is documented as unsafe and it is the user's responsibility to use the function in a secure manner
Weaknesses (CWE)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References
- github.com/0FuzzingQ/vuln/blob/master/sklearn%20unserialize.md Exploit 3rd Party
- scikit-learn.org/stable/modules/model_persistence.html 3rd Party
- github.com/0FuzzingQ/vuln/blob/master/sklearn%20unserialize.md Exploit 3rd Party
- scikit-learn.org/stable/modules/model_persistence.html 3rd Party