CVE-2023-2800

Insecure Temporary File in huggingface/transformers

CVSS 4.7 MEDIUMEPSS 0.3%CWE-377

Insecure Temporary File in GitHub repository huggingface/transformers prior to 4.30.0.

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

huggingface · huggingface/transformers

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/huggingface/transformers/commit/80ca92470938bbcc348e2d9cf4734c7c25cb1c43 https://huntr.dev/bounties/a3867b4e-6701-4418-8c20-3c6e7084a44a