Huggingface: >> Transformers >> 4.10.1 Security Vulnerabilities
The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` class. Attackers can execute arbitrary code and commands by crafting a malicious serialized payload, exploiting the use of `pickle.load()` on data from potentially untrusted sources. This vulnerability allows for remote code execution (RCE) by deceiving victims into loading a seemingly harmless checkpoint during a normal training process, thereby enabling attackers to execute arbitrary code on the targeted machine.
CVSS Score
3.4
EPSS Score
0.201
Published
2024-04-10
Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
CVSS Score
9.6
EPSS Score
0.002
Published
2023-12-20
Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
CVSS Score
9.0
EPSS Score
0.002
Published
2023-12-19
Insecure Temporary File in GitHub repository huggingface/transformers prior to 4.30.0.
CVSS Score
4.7
EPSS Score
0.0
Published
2023-05-18
Page 2