Lucene search
GoogleOSV:GHSA-V68G-WM8C-6X7JHistoryDec 20, 2023 - 6:30 p.m.
transformers has a Deserialization of Untrusted Data vulnerability
2023-12-2018:30:32
Google
osv.dev
7
untrusted data
deserialization
github repository
huggingface/transformers
software
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
23.3%
Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
Related
nvd
nvd
CVE-2023-7018
2023-12-20 17:15:08
veracode
veracode
Deserialization Of Untrusted Data
2023-12-21 07:58:56
cvelist
cvelist
CVE-2023-7018 Deserialization of Untrusted Data in huggingface/transformers
2023-12-20 16:13:01
github
github
transformers has a Deserialization of Untrusted Data vulnerability
2023-12-20 18:30:32
cve
cve
CVE-2023-7018
2023-12-20 17:15:08
osv
osv
CVE-2023-7018
2023-12-20 17:15:08
prion
prion
Deserialization of untrusted data
2023-12-20 17:15:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
23.3%
Related for OSV:GHSA-V68G-WM8C-6X7J