YAML Metadata Warning:empty or missing yaml metadata in repo card

Check out the documentation for more information.

DL4J Arbitrary Class Instantiation Vulnerability PoC

Vulnerability Summary

Type: Arbitrary Class Instantiation via Unvalidated Model Configuration
Severity: Critical (Remote Code Execution)
Affected Component: org.deeplearning4j.models.embeddings.loader.WordVectorSerializer

Vulnerable Code

File: deeplearning4j/deeplearning4j-nlp-parent/deeplearning4j-nlp/src/main/java/org/deeplearning4j/models/embeddings/loader/WordVectorSerializer.java Lines: 3067-3069

String tokenizerFactoryClassName = configuration.getTokenizerFactory();
TokenizerFactory factory = DL4JClassLoading.createNewInstance(tokenizerFactoryClassName);

Attack Vector

Attacker creates a malicious Word2Vec model (.zip) with tokenizerFactory pointing to arbitrary Java classes like java.lang.ProcessBuilder.

Impact

  • Remote Code Execution (RCE)
  • Arbitrary Class Instantiation
  • Denial of Service

Remediation

Implement class allowlist for tokenizer factory classes.

Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support