PoC: JAX Arbitrary Code Execution via Unrestricted Pickle Unpickler

Security vulnerability PoC for responsible disclosure via huntr.com.

Vulnerability

_JaxPjrtUnpickler in serialize_executable.py extends pickle.Unpickler without overriding find_class(). Because find_class() is what resolves every global reference in a pickle stream to an importable object, leaving the default in place means a crafted serialized executable can make the loader import and invoke arbitrary callables during deserialization, i.e. arbitrary code execution. File: jax/experimental/serialize_executable.py, lines 96-122
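To make the weak pattern and its standard remedy concrete, the following is an added example written for this page, not JAX's code or the PoC itself. Both class names, the allow-list contents and the sample payloads are constructed for illustration; the hardened class follows the find_class() allow-list approach documented for Python's pickle module, and the "foreign" payload deliberately references a harmless class (datetime.date) only to show that any global outside the allow-list is refused.

```python
import collections
import datetime
import io
import pickle


class UnrestrictedUnpickler(pickle.Unpickler):
    """Hypothetical loader showing the weak pattern: a pickle.Unpickler
    subclass with no find_class() override, so the default resolver
    imports whatever module.name the stream asks for."""


class RestrictedUnpickler(pickle.Unpickler):
    """Hardened counterpart: find_class() consults an explicit allow-list
    and refuses everything else with UnpicklingError."""

    # Constructed allow-list. A real loader would enumerate exactly the
    # container types its own serialization format emits and nothing more.
    SAFE_GLOBALS = {
        ("builtins", "dict"),
        ("builtins", "list"),
        ("builtins", "tuple"),
        ("builtins", "bytes"),
        ("builtins", "str"),
        ("collections", "OrderedDict"),
    }

    def find_class(self, module, name):
        if (module, name) in self.SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


def load_unrestricted(data: bytes):
    """Deserialise with the weak loader (resolves any global)."""
    return UnrestrictedUnpickler(io.BytesIO(data)).load()


def load_restricted(data: bytes):
    """Deserialise with the hardened loader (allow-listed globals only)."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def benign_payload() -> bytes:
    """Constructed sample: only allow-listed types, shaped like a
    serialized-executable record (opaque bytes plus metadata)."""
    record = collections.OrderedDict(
        executable=b"\x00\x01\x02", shape=(2, 3), name="hypothetical_fn"
    )
    return pickle.dumps(record)


def foreign_payload() -> bytes:
    """Constructed sample referencing a class outside the allow-list.
    datetime.date is harmless; the stream still carries a STACK_GLOBAL
    opcode for 'datetime.date', which is what find_class() sees."""
    return pickle.dumps(datetime.date(2024, 1, 1))


def is_rejected(data: bytes) -> bool:
    """True if the hardened loader refuses the stream."""
    try:
        load_restricted(data)
    except pickle.UnpicklingError:
        return True
    return False


def demo() -> dict:
    """Run both loaders over both payloads and report the outcome."""
    results = {
        "benign_unrestricted": load_unrestricted(benign_payload()),
        "benign_restricted": load_restricted(benign_payload()),
        "foreign_unrestricted": load_unrestricted(foreign_payload()),
    }
    try:
        load_restricted(foreign_payload())
        results["foreign_restricted"] = "accepted"
    except pickle.UnpicklingError as exc:
        results["foreign_restricted"] = f"rejected: {exc}"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The design point is that the allow-list lives in find_class(), the single choke point through which every GLOBAL/STACK_GLOBAL opcode passes, so a loader that never overrides it inherits the default behaviour of importing any module the stream names. For a detection check on a code base, grep for subclasses of pickle.Unpickler (and calls to pickle.load/pickle.loads on untrusted bytes) and confirm each one overrides find_class() with a closed list of permitted names.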

Researcher

Ryan — Fan Pier Labs (ryan@fanpierlabs.com)
