## Critical Vulnerability Information ### Vulnerability Title Python sandbox escape leading to Remote Code Execution (RCE) in huggingface/transformers ### Vulnerability Type Remote Code Execution (RCE) ### Affected Scope - **Affected Versions**: transformers = 4.27.0 ### Vulnerability Description A Python sandbox escape in Smolagents leads to Remote Code Execution (RCE). The `Whitespace` code within the `tokenizers` module of the `huggingface/transformers` library contains a sandbox escape vulnerability, which attackers can exploit to execute arbitrary code on the target system. ### Root Cause Analysis The `Whitespace` code employs unsafe AST parsing and dynamic module loading mechanisms, allowing attackers to bypass sandbox restrictions by crafting malicious inputs and execute arbitrary code. ### Exploitation Method 1. Craft malicious input to cause the `Whitespace` parser to generate a specific AST. 2. Exploit the dynamic module loading mechanism to load and execute malicious code. ### Impact - Unauthorized code execution - Data leakage (source code, keys, etc.) - Loss of system control ### Reference Links - [GitHub Security Advisory](https://github.com/huggingface/transformers/security/advisories/GHSA-5698-3qf8-9v9r) - [CVE-2022-42809](https://nvd.nist.gov/vuln/detail/CVE-2022-42809)