CLIP PyTorch RCE PoC

Malicious PyTorch model file that demonstrates RCE via torch.load() in CLIP.

Vulnerability: Insecure deserialization in clip/clip.py:136

state_dict = torch.load(opened_file, map_location="cpu")

torch.load() uses pickle under the hood, allowing arbitrary code execution when loading a malicious model.

Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support