Homepage
About Snyk

scikit-learn@0.24.1 vulnerabilities

A set of python modules for machine learning and data mining

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the scikit-learn package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Regular Expression Denial of Service (ReDoS)

scikit-learn is a Python module for machine learning built on top of SciPy and is distributed under the 3-Clause BSD license.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in ARFF processing.

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade scikit-learn to version 0.24.2 or higher.

[,0.24.2)
  • L
Regular Expression Denial of Service (ReDoS)

scikit-learn is a Python module for machine learning built on top of SciPy and is distributed under the 3-Clause BSD license.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the _RE_TYPE_NOMINAL regular expression which is evaluated in _decode_attribute.

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade scikit-learn to version 0.24.2 or higher.

[,0.24.2)
Go back to all versions of this package