CVE-2023-7018 | huggingface transformers up to 4.35 deserialization

Posted by Angelo Barbosa | Dec 20, 2023 | CVE

A vulnerability has been found in huggingface transformers up to 4.35 and classified as very critical. This vulnerability affects unknown code. The manipulation leads to deserialization.

This vulnerability was named CVE-2023-7018. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-7018 | huggingface transformers up to 4.35 deserialization

Related Posts

CVE-2024-34934 | Campcodes Complete Web-Based School Management System 1.0 emarks_range_grade_update_form.php conversation_id sql injection

CVE-2024-39249 | Async up to 2.6.4/3.2.5 autoinject redos

CVE-2024-21849 | F5 BIG-IP Advanced WAF/BIG-IP ASM up to 16.1.3 Traffic Management Microkernel return of pointer value outside of expected range (K000135873)

CVE-2023-52355 | LibTIFF TIFFRasterScanlineSize64 resource consumption