metadata
license: mit
tags:
- security-research
- proof-of-concept
- vulnerability
PoC: JAX Arbitrary Code Execution via Unrestricted Pickle Unpickler
Security vulnerability PoC for responsible disclosure via huntr.com.
Vulnerability
_JaxPjrtUnpickler in serialize_executable.py extends pickle.Unpickler
without overriding find_class(), so every global referenced by the pickle stream is resolved with the default, unrestricted lookup, allowing arbitrary code execution.
File: jax/experimental/serialize_executable.py, lines 96-122
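The defensive pattern the missing override would provide, as an added illustration that is not code from the JAX project: a subclass of pickle.Unpickler whose find_class() only resolves an explicit allow-list of (module, name) pairs and raises pickle.UnpicklingError for anything else. The allow-list here is a hypothetical one chosen for the demo (a real deserialiser would list only the classes its own serialiser emits), and the sample pickles are constructed inline from benign standard-library objects.

```python
import io
import pickle
from collections import OrderedDict
from fractions import Fraction

# Hypothetical allow-list of globals the unpickler may resolve. A real
# deserialiser would enumerate only the classes its serialiser produces.
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
    ("builtins", "set"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve any global outside SAFE_GLOBALS.

    pickle.Unpickler.find_class() is the hook the GLOBAL/STACK_GLOBAL
    opcodes use to turn (module, name) into a Python object; leaving it
    unoverridden means any importable callable can be resolved.
    """

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        # Refusing here stops the stream before the forbidden object is built.
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def restricted_loads(data: bytes):
    """Deserialise `data` with the allow-listed unpickler."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def try_load(data: bytes):
    """Return ('ok', obj) on success or ('rejected', message) if refused."""
    try:
        return ("ok", restricted_loads(data))
    except pickle.UnpicklingError as exc:
        return ("rejected", str(exc))


def sample_pickles():
    """Constructed sample streams: two allow-listed payloads, one not."""
    return {
        # Plain containers need no find_class() call at all.
        "plain_list": pickle.dumps([1, 2, 3]),
        # Resolves collections.OrderedDict, which is on the allow-list.
        "ordered_dict": pickle.dumps(OrderedDict(a=1)),
        # Resolves fractions.Fraction, which is not on the allow-list,
        # so the restricted unpickler must refuse it.
        "fraction": pickle.dumps(Fraction(1, 2)),
    }


def demo():
    """Run every sample through the restricted unpickler."""
    return {label: try_load(data) for label, data in sample_pickles().items()}


if __name__ == "__main__":
    for label, (status, value) in demo().items():
        print(f"{label}: {status} -> {value}")
```

The same allow-list check is what a find_class() override in _JaxPjrtUnpickler would need; the important property is that the refusal happens inside find_class(), before the unpickler ever calls the resolved object.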
Researcher
Ryan — Fan Pier Labs (ryan@fanpierlabs.com)