smolagents 安全漏洞

smolagents is a basic library for agents, open-sourced by Hugging Face. Version smolagents 1.25.0.dev0 contains a security vulnerability, which stems from incorrect operations on functions in the file src/smolagents/localpythonexecutor.py, potentially leading to code injection...

smolagents has Sandbox Escape Vulnerability in the local_python_executor.py Module

A sandbox escape vulnerability was identified in huggingface/smolagents version 1.14.0, allowing attackers to bypass the restricted execution environment and achieve remote code execution RCE. The vulnerability stems from the localpythonexecutor.py module, which inadequately restricts Python code...