Upload README.md with huggingface_hub

04c5f62 verified 3 days ago

451 Bytes

license: mit
tags:
  - security-research
  - vulnerability-poc

TFjs-node Path Traversal PoC (CWE-22)

Security Research — Responsible Disclosure

Path traversal in @tensorflow/tfjs-node via weightsManifest.paths in model.json allows arbitrary file read.

Usage

npm install @tensorflow/tfjs @tensorflow/tfjs-node
node poc.js

For authorized security research only. Target file is /etc/hostname (harmless).