You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

ModelscanBypass uuid._get_command_stdout

Security research: modelscan v0.7.6/v0.8.8 does not block uuid._get_command_stdout.

Vulnerability

uuid._get_command_stdout(command, *args) internally calls subprocess.Popen([executable] + list(args)) — arbitrary command execution. The uuid module is NOT in modelscan's unsafe_globals blocklist.

modelscan Result

No issues found.

Impact

Arbitrary command execution on model load via pickle.load().

For Authorized Security Research Only

Downloads last month: -; Downloads are not tracked for this model. How to track

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support