Safety vulnerability ID: 73323
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Affected versions of the Cleanlab project contain a security vulnerability in the deserialization process. When loading a data directory, a maliciously crafted datalab.pkl file can execute arbitrary code on the user's system. This vulnerability stems from the use of the pickle module for deserialization without proper safeguards. Attackers can exploit this flaw to compromise systems, potentially leading to data theft, system manipulation, or further malware deployment. Users should exercise extreme caution when loading data from untrusted sources, and consider updating to a patched version if available.
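One form the missing safeguard can take, shown as an added example that is not Cleanlab's code or its fix: an unpickler that refuses every import outside an explicit allowlist. `ALLOWED_GLOBALS`, `load_checked`, `is_blocked` and both sample byte strings are constructed for illustration, and the allowlist a real datalab.pkl would need is an assumption to be audited separately.

```python
import io
import pickle
from collections import OrderedDict

# Assumption: exact (module, name) pairs a trusted file may import. These
# entries are illustrative; a real datalab.pkl needs its own audited list.
ALLOWED_GLOBALS = {
    ("collections", "OrderedDict"),
    ("builtins", "set"),
}


class AllowlistUnpickler(pickle.Unpickler):
    """Unpickler that refuses any import not named in ALLOWED_GLOBALS."""

    def find_class(self, module, name):
        # Called for every GLOBAL / STACK_GLOBAL opcode before the name is
        # resolved, so a refused callable is never imported or invoked.
        if (module, name) not in ALLOWED_GLOBALS:
            raise pickle.UnpicklingError(f"blocked global: {module}.{name}")
        return super().find_class(module, name)


def load_checked(data: bytes):
    """Deserialize data, raising UnpicklingError on a non-allowlisted import."""
    return AllowlistUnpickler(io.BytesIO(data)).load()


def is_blocked(data: bytes) -> bool:
    """True when the stream requests an import outside the allowlist."""
    try:
        load_checked(data)
    except pickle.UnpicklingError:
        return True
    return False


# Constructed sample 1: ordinary data, as a trusted writer would produce it.
BENIGN = pickle.dumps(OrderedDict(labels=[0, 1, 1], issues={"label": True}))

# Constructed sample 2: a hand-written protocol-0 stream that asks the loader
# to import os.getcwd and call it (a harmless stand-in for a hostile callable).
CALLS_A_FUNCTION = b"cos\ngetcwd\n(tR."

if __name__ == "__main__":
    print(load_checked(BENIGN))
    print("blocked:", is_blocked(CALLS_A_FUNCTION))
```

Keep allowlist entries as exact pairs rather than whole modules, since allowing a module admits every callable it exports.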
Latest version: 2.7.0
The standard package for data-centric AI, machine learning with label errors, and automatically finding and fixing dataset issues in Python.