Arbitrary Code Execution via Deserialization in huggingface/transformers

The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` class. Attackers can execute arbitrary code and commands by crafting a malicious serialized payload, exploiting the use of `pickle.load()` on data from potentially untrusted sources. This vulnerability allows for remote code execution (RCE) by deceiving victims into loading a seemingly harmless checkpoint during a normal training process, thereby enabling attackers to execute arbitrary code on the targeted machine.

N/A

可信数据的反序列化

Hugging Face Transformers 代码问题漏洞

Hugging Face Transformers是为 Jax、PyTorch 和 TensorFlow 打造的先进的自然语言处理。 Hugging Face Transformers存在代码问题漏洞，该漏洞源于容易通过 TFPreTrainedModel() 类的 load_repo_checkpoint() 函数中反序列化不受信任的数据来执行任意代码。

N/A

N/A