ModelScan pydoc.pipepager bypass PoC

Private security disclosure artifact for the Huntr Model File Vulnerability program.

Contents

  • VULN_REPORT_1.md - technical vulnerability report
  • pocs/create_pydoc_pipepager_pickle.py - PoC model-file generator
  • pocs/load_pydoc_pipepager_pickle.py - local loader that demonstrates execution
  • pocs/pydoc_pipepager_bypass.pkl - malicious pickle model file
  • pocs/pydoc_pipepager_bypass.joblib - malicious joblib model file

Safety

These files are intentionally malicious proof-of-concept model files. Do not load the .pkl or .joblib files outside an isolated test environment.

The PoC was locally verified against ProtectAI ModelScan v0.8.8 at commit 61fcec9c2a37c24c1fb12d84ede30fe248a364bd: ModelScan reported zero issues, and loading the files with Python 3.12 executed the embedded command.