Security Research PoC - BentoML picklable_model cloudpickle.load() RCE

Demonstrates the unsafe cloudpickle.load() call in bentoml/_internal/frameworks/picklable_model.py:73: loading a crafted model artifact executes code during deserialization.

import bentoml
# load_model() hands the stored artifact straight to cloudpickle.load(), so
# whatever the pickle reduces to runs at this point.
model = bentoml.picklable_model.load_model('poc-model:latest')
# Prints: [VULNERABLE] BentoML cloudpickle.load() RCE:
# uid=501(user) gid=20(staff) ...
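Added defensive example, not part of the PoC above or of BentoML itself: a pre-load gate that decodes a pickled artifact's opcodes with pickletools and lists every module reference it would import, so an artifact like the one above can be rejected before cloudpickle.load() ever runs it. SAFE_PACKAGES is an assumed policy and the sample streams are constructed here.

```python
import io
import pickle
import pickletools
import shutil

# Hypothetical policy: top-level packages a plain picklable model may reference.
# Anything else is reported so the artifact can be rejected before any load().
SAFE_PACKAGES = {"builtins", "collections", "numpy"}
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
              "STRING", "BINSTRING", "SHORT_BINSTRING"}

def find_globals(data: bytes):
    """Every (module, name) the stream would import, decoded without executing.
    A memo model is kept because pickle emits BINGET for a repeated module name."""
    refs, recent, memo, last = [], [], {}, None
    for op, arg, _ in pickletools.genops(io.BytesIO(data)):
        if op.name == "GLOBAL":                  # protocol <= 3: "module name"
            refs.append(tuple(arg.split(" ", 1))); last = None
        elif op.name == "STACK_GLOBAL":          # protocol 4+: two stack strings
            refs.append((recent[-2], recent[-1])); last = None
        elif op.name in STRING_OPS:
            recent.append(arg); last = arg
        elif op.name in ("BINGET", "LONG_BINGET", "GET"):
            last = memo.get(arg); recent.append(last)
        elif op.name == "MEMOIZE":
            memo[len(memo)] = last
        elif op.name in ("BINPUT", "LONG_BINPUT", "PUT"):
            memo[arg] = last
        else:                                    # any other push is not a string
            last = None
    return refs

def unsafe_references(data: bytes):
    """Globals outside SAFE_PACKAGES; an empty list means the stream is clean."""
    return [(m, n) for m, n in find_globals(data)
            if m.partition(".")[0] not in SAFE_PACKAGES]

def check_model_file(path: str) -> None:
    """Gate to run before picklable_model.load_model(); raises instead of loading."""
    with open(path, "rb") as f:
        bad = unsafe_references(f.read())
    if bad:
        raise ValueError(f"refusing to unpickle {path}: references {bad}")

# Constructed samples: a benign model-like payload, plus protocol-0 and protocol-4
# streams referencing a filesystem function no model should need (references only).
BENIGN = pickle.dumps({"weights": [0.1, 0.2], "labels": ("cat", "dog")})
LEGACY = pickle.dumps(shutil.rmtree, protocol=0)
SUSPECT = pickle.dumps((shutil.rmtree, shutil.copy))
```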