There has been a lot of research pointing out the security risks related to the use of Pickle file serialization (dubbed “Pickling” in the Hugging Face community). In fact, even Hugging Face’s documentation describes the risks of arbitrary code execution in Pickle files in detail.
In other words, there’s a known vulnerability, it’s documented, it’s ignored and now it’s been exploited twice.
Wow … shocked … is not a word I’d use to describe this situation.
Fuck around and see what happens … seems more apt.
This is a direct quote from the article:
In other words, there’s a known vulnerability, it’s documented, it’s ignored and now it’s been exploited twice.
Wow … shocked … is not a word I’d use to describe this situation.
Fuck around and see what happens … seems more apt.
Twice that we know of.
Fair point.