YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
DL4J Arbitrary Class Instantiation Vulnerability PoC
Vulnerability Summary
Type: Arbitrary Class Instantiation via Unvalidated Model Configuration
Severity: Critical (Remote Code Execution)
Affected Component: org.deeplearning4j.models.embeddings.loader.WordVectorSerializer
Vulnerable Code
File: deeplearning4j/deeplearning4j-nlp-parent/deeplearning4j-nlp/src/main/java/org/deeplearning4j/models/embeddings/loader/WordVectorSerializer.java
Lines: 3067-3069
String tokenizerFactoryClassName = configuration.getTokenizerFactory();
TokenizerFactory factory = DL4JClassLoading.createNewInstance(tokenizerFactoryClassName);
Attack Vector
Attacker creates a malicious Word2Vec model (.zip) with tokenizerFactory pointing to arbitrary Java classes like java.lang.ProcessBuilder.
Impact
- Remote Code Execution (RCE)
- Arbitrary Class Instantiation
- Denial of Service
Remediation
Implement class allowlist for tokenizer factory classes.
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support