scikit-learn / scikit-learn
Project repository
scikit-learn: machine learning in Python
FIRST INTERACTION WITHIN 9 DAYS
REVIEW WITHIN 15 DAYS
FIX WITHIN 386 DAYS
Arbitrary File Write via Tar Extract (Path Traversal)
Aug 4th 2025 • ohmymagic • spam
Critical RCE via Unsafe Pickle Deserialization in scikit-learn Test Modules
Jun 6th 2025 • codepat666 • spam
Hardcoded Credential Request
May 19th 2025 • sena-corp • not applicable
Arbitrary Code Execution via joblib.load() in Dataset Loading
Apr 18th 2025 • tugar2003 • not applicable
LFI Via _Base.py Dataset
Dec 2nd 2024 • shadowbyte1 • not applicable
Dense Matrix Creation in _gaussian_random_matrix
Jul 16th 2024 • syed-ghufran-hassan • not applicable
RCE in Github Actions
Jun 17th 2024 • redyetidev • informative
Low
Unexpected Training Data Storage in sklearn.feature_extraction.text.TfidfVectori...
Jun 1st 2024 • kemalty • Medium • $125 • CVE-2024-5206
Jinja autoescape not configured
Nov 17th 2023 • dmandefy • spam
Possible DOS and Cache Poisoning in X-Timer Header
Sep 22nd 2023 • theo0k • spam
A Potential TarSlip due to do no use of Checksum
Sep 25th 2024 • sim4n6 • Low
CRITICAL $1500
HIGH $750
MEDIUM $125
LOW $20