Lucene search

Veracode Vulnerability DatabaseVERACODE:44769

HistoryDec 21, 2023 - 7:58 a.m.

Deserialization Of Untrusted Data

2023-12-2107:58:56

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

deserialization

untrusted data

remote code execution

transfoxltokenizer

vocab file

pickle.load

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

23.3%

JSON

huggingface/transformers is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to the implementation of TransfoXLTokenizer, which automatically loads the vocab.pkl file from the remote repository using the risky pickle.load function without any restrictions. This issue can be exploited by an attacker by tricking a user into loading malicious serialized data which can lead to remote code execution.

References

github.com/huggingface/transformers/commit/1d63b0ec361e7a38f1339385e8a5a855085532ce

huntr.com/bounties/e1a3e548-e53a-48df-b708-9ee62140963c

huntr.com/bounties/e1a3e548-e53a-48df-b708-9ee62140963c/

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

23.3%

JSON

Related for VERACODE:44769