Labels: bug (Something isn't working)
Description
As a heads up, a number of detection issues were reported by @madgetron on picklescan which may be of interest to modelscan:
| Issue | Fix | Advisory |
|---|---|---|
| Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch | mmaitre314/picklescan@e58e45e | GHSA-w8jq-xcqf-f792 |
| Zip Exploit Crashes Picklescan But Not PyTorch | mmaitre314/picklescan@e58e45e | GHSA-7q5r-7gvp-wc82 |
| Picklescan fails to detect unsafe globals in PyTorch models with non-standard Pickle file extensions | mmaitre314/picklescan@baf03fa | GHSA-769v-p64c-89pr |
| Picklescan fails to detect some unsafe globals | mmaitre314/picklescan@93764d6 | GHSA-655q-fx9r-782v |
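The three failure classes in the table (a malformed zip taking the scanner down, pickle members hidden behind a non-standard extension, and unsafe globals slipping past the denylist) are all things a scanner's own tests can exercise. The following is an added example, not code from picklescan or modelscan: it walks every member of a zip archive regardless of file name, lists the `(module, name)` pairs referenced by `GLOBAL` and `STACK_GLOBAL` opcodes using only `pickletools` (nothing is ever unpickled), matches them against a short constructed denylist, and records per-archive and per-member errors instead of raising. The function names, the `DANGEROUS_GLOBALS` set and the sample archive built by `build_sample_archive()` are all constructed for this example.

```python
import io
import pickle  # used only to BUILD the constructed samples; nothing is ever loaded
import pickletools
import zipfile
from dataclasses import dataclass, field

# Constructed, deliberately short denylist; a real scanner carries a far longer
# one (this example does not claim to reproduce picklescan's or modelscan's list).
DANGEROUS_GLOBALS = {
    ("builtins", "eval"), ("builtins", "exec"), ("builtins", "__import__"),
    ("os", "system"), ("posix", "system"), ("nt", "system"),
    ("subprocess", "Popen"), ("subprocess", "run"),
}

# Opcodes that push a str onto the pickle stack; STACK_GLOBAL reads its
# module/name from the two most recent of these.
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def find_globals(data: bytes) -> list:
    """Return (module, name) pairs referenced by GLOBAL / STACK_GLOBAL opcodes.

    This is a lightweight opcode walk, not a full pickle VM: it tracks only the
    string values and memo slots needed to resolve STACK_GLOBAL. Raises
    ValueError on a stream that is not a pickle (the caller records that).
    """
    found, strings, memo = [], [], {}
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":                      # protocol <= 3: "module name"
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op.name == "STACK_GLOBAL":              # protocol 4+: two strs on the stack
            if len(strings) >= 2:
                name, module = strings.pop(), strings.pop()
                found.append((module, name))
        elif op.name in STRING_OPS:
            strings.append(arg)
        elif op.name == "MEMOIZE" and strings:       # memo index == current memo size
            memo[len(memo)] = strings[-1]
        elif op.name in ("PUT", "BINPUT", "LONG_BINPUT") and strings:
            memo[arg] = strings[-1]
        elif op.name in ("GET", "BINGET", "LONG_BINGET") and arg in memo:
            strings.append(memo[arg])
    return found


@dataclass
class ScanResult:
    dangerous: list = field(default_factory=list)  # (member, module, name)
    errors: list = field(default_factory=list)     # (member, message)
    scanned: int = 0                               # members parsed as pickles


def scan_zip(data: bytes) -> ScanResult:
    """Scan every member of a zip archive by content, never by extension."""
    result = ScanResult()
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile as exc:              # malformed archive: report, don't crash
        result.errors.append(("<archive>", f"bad zip: {exc}"))
        return result
    with zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            try:
                globs = find_globals(zf.read(info))
            except Exception as exc:               # corrupt member or non-pickle content
                result.errors.append((info.filename, f"{type(exc).__name__}: {exc}"))
                continue
            result.scanned += 1
            for module, name in globs:
                if (module, name) in DANGEROUS_GLOBALS:
                    result.dangerous.append((info.filename, module, name))
    return result


def build_sample_archive() -> bytes:
    """Constructed test archive mimicking a zip-based model checkpoint layout."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        # pickle.dumps(eval) stores only a reference to the global; no REDUCE, nothing
        # runs even if loaded, but a scanner must still flag the reference.
        zf.writestr("model/data.pkl", pickle.dumps(eval, protocol=4))   # STACK_GLOBAL
        zf.writestr("model/extra.bin", pickle.dumps(eval, protocol=3))  # GLOBAL, odd extension
        zf.writestr("model/ok.pkl", pickle.dumps({"weights": [1.0, 2.0]}, protocol=4))
        zf.writestr("model/version", b"3\n")                            # not a pickle
    return buf.getvalue()


if __name__ == "__main__":
    res = scan_zip(build_sample_archive())
    for member, module, name in res.dangerous:
        print(f"DANGEROUS {member}: {module}.{name}")
    for member, msg in res.errors:
        print(f"ERROR {member}: {msg}")
    print(scan_zip(b"PK\x03\x04 not really a zip").errors)
```

The `model/extra.bin` member is the non-standard-extension case: it is found because the scanner reads every member's bytes, and the `model/version` text member becomes a recorded error rather than an exception. Feeding the scanner a truncated archive exercises the `BadZipFile` path, which is the behaviour a defender wants from a tool whose crash would otherwise mean an unscanned model.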