CVE-2023-6730
Deserialization of Untrusted Data vulnerability in transformers (PyPI)
What is CVE-2023-6730 About?
This vulnerability involves deserialization of untrusted data in the huggingface/transformers repository prior to version 4.36. Improper validation during deserialization can allow an attacker to inject malicious objects, leading to various impacts such as arbitrary code execution or denial of service. Exploitation complexity depends on the specific deserialization context, but it frequently poses a significant risk.
Affected Software
- transformers
  - <4.36.0
  - <1d63b0ec361e7a38f1339385e8a5a855085532ce
Technical Details
The vulnerability is categorized as 'Deserialization of Untrusted Data' and affects the huggingface/transformers repository in versions earlier than 4.36. This class of vulnerability occurs when an application deserializes data received from an untrusted source without proper validation or sanitization. If the deserialization process reconstructs objects whose properties or methods can be controlled by an attacker, it can lead to severe consequences. Attackers can embed malicious serialized objects (gadgets) within the untrusted data. When the application attempts to deserialize this data, these gadgets can trigger unintended code execution (e.g., through arbitrary method calls or object instantiation), manipulate application logic, or cause resource exhaustion.
What is the Impact of CVE-2023-6730?
Successful exploitation may allow attackers to execute arbitrary code, manipulate object behavior, cause denial of service, bypass authentication, or achieve remote code execution depending on the deserialization context.
What is the Exploitability of CVE-2023-6730?
The complexity of exploiting this vulnerability varies widely depending on the specific deserialization mechanism and the 'gadgets' available in the application's environment. Generally, it requires an attacker to provide specially crafted, serialized data to an endpoint that performs deserialization. This is typically a remote attack. No specific authentication or privilege requirements are universally applicable, as the vulnerability lies in the deserialization process itself, which might be exposed to unauthenticated users or users with standard privileges. The risk of exploitation is significantly increased when applications accept serialized objects directly from untrusted sources, particularly in contexts like API endpoints, message queues, or file uploads where model files or other serialized data might be processed.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2023-6730?
Available Upgrade Options
- transformers
  - <4.36.0 → Upgrade to 4.36.0
  - <1d63b0ec361e7a38f1339385e8a5a855085532ce → Upgrade to 1d63b0ec361e7a38f1339385e8a5a855085532ce
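To check an environment against the affected range listed above, the following added example (not code from the advisory or from the transformers project) classifies the `transformers` entry in `pip freeze` output. The function names, the simplified PEP 440 ordering and the sample freeze text are assumptions made for this example.

```python
import re

FIXED = "4.36.0"  # first fixed release, taken from the advisory above

def parse_version(text):
    """Sortable key for versions such as 4.35.2, 4.36.0rc1 or 4.36.0.dev0.

    Simplified PEP 440 ordering (an assumption of this example): dev/a/b/rc
    builds sort before the final release, post releases after it.
    """
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)[._-]?(dev|a|b|rc|post)?\d*(?:\+\S*)?",
                     text.strip().lower())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    nums = [int(n) for n in m.group(1).split(".")]
    nums += [0] * (3 - len(nums))          # 4.36 compares equal to 4.36.0
    stage = {None: 1, "post": 2}.get(m.group(2), 0)
    return tuple(nums), stage

def audit_freeze(freeze_text, package="transformers", fixed=FIXED):
    """Return 'affected', 'fixed', 'unknown' or 'absent' for `package`."""
    name = re.escape(package)
    for raw in freeze_text.splitlines():
        line = raw.strip()
        # Exact pin; names such as sentence-transformers do not match here.
        pinned = re.match(rf"(?i){name}\s*==\s*([^\s;#]+)", line)
        if pinned:
            below = parse_version(pinned.group(1)) < parse_version(fixed)
            return "affected" if below else "fixed"
        # Editable or direct-URL installs (built from a commit) have no
        # release number to compare; check the commit by hand instead.
        if re.search(rf"(?i)(?:^|egg=){name}(?:\s*@|\s*$)", line):
            return "unknown"
    return "absent"

# Constructed `pip freeze` output for illustration.
SAMPLE_FREEZE = """\
numpy==1.26.2
sentence-transformers==2.2.2
transformers==4.35.2
"""

if __name__ == "__main__":
    print("transformers:", audit_freeze(SAMPLE_FREEZE))
```

An `unknown` result corresponds to the commit-based entry in the affected list: a source install has to be compared against commit 1d63b0ec361e7a38f1339385e8a5a855085532ce rather than a release number.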
Additional Resources
- https://huntr.com/bounties/423611ee-7a2a-442a-babb-3ed2f8385c16
- https://github.com/huggingface/transformers/commit/1d63b0ec361e7a38f1339385e8a5a855085532ce
- https://github.com/huggingface/transformers
- https://osv.dev/vulnerability/GHSA-3863-2447-669p
- https://github.com/pypa/advisory-database/tree/main/vulns/transformers/PYSEC-2023-300.yaml
- https://nvd.nist.gov/vuln/detail/CVE-2023-6730
What are Similar Vulnerabilities to CVE-2023-6730?
Similar Vulnerabilities: CVE-2022-21727, CVE-2021-44228, CVE-2020-25642, CVE-2019-12384, CVE-2018-12739
