---
library_name: pytorch
tags:
- security-research
- modelscan-bypass
license: mit
---
ModelScan Bypass PoC — collections.namedtuple
Security research for responsible disclosure via Huntr MFV program.
Vulnerability
collections.namedtuple is not in the modelscan blocklist. modelscan reports "No issues found" for a pickle that calls it, yet unpickling triggers eval() on the generated class source code. Code injection is possible via a crafted typename/field_names.
Impact: HIGH
Reproduction
pip install modelscan && modelscan scan -p bypass_poc.pkl
# "No issues found!"
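A defender-side check, added here as an example and not part of this PoC or of modelscan itself: instead of a blocklist that can miss callables such as collections.namedtuple, walk the pickle opcode stream with pickletools.genops and report every global that is not on an explicit allowlist. The allowlist contents and the sample pickles are constructed for the demonstration; the scanner only reads opcodes and never unpickles, so nothing in the file is executed.

```python
import collections
import pickle
import pickletools

# Assumption: the globals a plain PyTorch state_dict legitimately references.
# Tune this set to the artefacts you actually ship; anything else is a finding.
ALLOWED_GLOBALS = {
    ("collections", "OrderedDict"),
    ("torch", "FloatStorage"),
    ("torch._utils", "_rebuild_tensor_v2"),
}

# Opcodes that push a string constant; STACK_GLOBAL (protocol 4+) takes its
# module and attribute name from the two most recent of these.
STRING_OPCODES = {
    "STRING", "BINSTRING", "SHORT_BINSTRING",
    "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8",
}


def extract_globals(data: bytes) -> list[tuple[str, str]]:
    """Return every (module, name) the pickle resolves via GLOBAL or STACK_GLOBAL.

    Only the opcode stream is parsed; no object is reconstructed, so reduce
    callables such as collections.namedtuple are never invoked.
    """
    found = []
    recent_strings = []
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name == "GLOBAL":
            # pickletools returns "module name" as one space-separated string
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif opcode.name == "STACK_GLOBAL":
            if len(recent_strings) < 2:
                raise ValueError("STACK_GLOBAL without two preceding strings")
            found.append((recent_strings[-2], recent_strings[-1]))
        elif opcode.name in STRING_OPCODES:
            recent_strings.append(arg)
    return found


def scan(data: bytes) -> list[tuple[str, str]]:
    """Allowlist scan: an empty list means clean, otherwise the offending globals."""
    return sorted(set(extract_globals(data)) - ALLOWED_GLOBALS)


# Constructed samples: a plain dict, an OrderedDict (the shape of a state_dict),
# and a bare reference to collections.namedtuple in two pickle protocols.
CLEAN = pickle.dumps({"layer.weight": [0.1, 0.2]}, protocol=4)
STATE_DICT_LIKE = pickle.dumps(collections.OrderedDict(bias=[0.0]), protocol=2)
NAMEDTUPLE_REF_P2 = pickle.dumps(collections.namedtuple, protocol=2)
NAMEDTUPLE_REF_P4 = pickle.dumps(collections.namedtuple, protocol=4)

if __name__ == "__main__":
    samples = [
        ("clean dict", CLEAN),
        ("state_dict-like", STATE_DICT_LIKE),
        ("namedtuple ref (proto 2)", NAMEDTUPLE_REF_P2),
        ("namedtuple ref (proto 4)", NAMEDTUPLE_REF_P4),
    ]
    for label, blob in samples:
        findings = scan(blob)
        print(f"{label:26s} {'OK' if not findings else 'FLAGGED ' + str(findings)}")
```

The point of the allowlist is that a newly discovered gadget like namedtuple needs no scanner update to be caught: it is flagged simply because a weights file has no reason to reference it. The string-tracking for STACK_GLOBAL is a heuristic rather than a full stack emulation, which is enough for pickles produced by the standard pickler; a hand-built stream that interleaves memo fetches could still need a proper emulator.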