Is joblib safe to use?

joblib has 1 known vulnerabilities on the latest version (1.5.3). DepScope rates its health at 60/100 (moderate risk).

What is the latest version of joblib?

The latest version of joblib is 1.5.3, released 2025-12-15.

Does joblib have known vulnerabilities?

Yes. joblib has 1 known vulnerabilities. See depscope.dev/pkg/pypi/joblib for details.

Is joblib deprecated?

No, joblib is actively maintained. Latest release: 1.5.3 (2025-12-15).

What are alternatives to joblib?

Popular alternatives to joblib in PyPI include: boto3, packaging, urllib3, certifi, requests.

What license does joblib use?

joblib is licensed under BSD-3-Clause.

joblib

pypiv1.5.3

Lightweight pipelining with Python functions

License BSD-3-Clausepermissive101 versions0 deps42,480,749 weekly dl

joblib/joblib

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Moderate health score (60/100) — verify manually
1 high severity vulnerabilities

Health breakdown0 – 100

25/25

maintenance

20/20

popularity

20/25

security

15/15

maturity

5/15

community

0/15

popularity_floor

Vulnerabilities

1 high

Advisories (1)

Severity	ID	Summary	Fixed in
high	CVE-2024-34997	joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpy_pickle::NumpyArrayWrapper().read_array(). NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content.	—

Maintainer trust

Active maintainers (3m)

2

Contributors (12m)

14

Primary author dominance

29%

GitHub stars

4,339

Quality signals

OSS Criticality

0.50high

Download trend

stable(0%)

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/pypi/joblib