2 matches found
Deserialization of Untrusted Data
Overview ms-swift is a Swift: Scalable lightWeight Infrastructure for Fine-Tuning Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the loadmodelmeta function. An attacker can execute arbitrary code by supplying a maliciously crafted serialized .mdl file th...
SWIFT 安全漏洞
SWIFT is a large model and multimodal large model fine-tuning deployment framework from ModelScope open source. A security vulnerability exists in SWIFT 2.6.1 and earlier versions, which stems from the deserialization of untrustworthy data by the loadmodelmeta function in the ModelFileSystemCache...