"It is relatively straightforward to craft a #PyTorch (Pickle) Model that will execute arbitrary code upon loading"
https://www.darkreading.com/cloud-security/critical-bugs-hugging-face-ai-platform-pickle
Lup Yuen Lee 李立源 /
npub1dz…kar4t
2024-04-06 03:15:52
Author Public Key
npub1dzazuk4tf878rw8hx6szqr2cdgkf7u6f47sha43f2qtf2vkkdn3q9kar4tPublished at
2024-04-06 03:15:52Event JSON
{
"id": "56fd212b3811d6458eb73b797cc91b7cb490edc2ac96206816e3a4540e52b789",
"pubkey": "68ba2e5aab49fc71b8f736a0200d586a2c9f7349afa17ed62950169532d66ce2",
"created_at": 1712373352,
"kind": 1,
"tags": [
[
"t",
"pytorch"
],
[
"proxy",
"https://qoto.org/users/lupyuen/statuses/112222100054332040",
"activitypub"
]
],
"content": "\"It is relatively straightforward to craft a #PyTorch (Pickle) Model that will execute arbitrary code upon loading\"\n\nhttps://www.darkreading.com/cloud-security/critical-bugs-hugging-face-ai-platform-pickle",
"sig": "2135d21a78dd57846053ac6eec03dd24a69a97dbeaa2e77dbff93729b08a894728542b848e3ae85c7108dd8644b38793df2bf99fa43f5a14656feade9135da46"
}