A weakness has been identified in huggingface smolagents 1.24.0. Impacted is the function requests.get/requests.post of the component LocalPythonExecutor. Executing a manipulation can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XHuggingface Smolagents
APPHuggingface1.0.0 – 1.24.0
Related vulnerabilities
Sandbox escape i RCE w Huggingface Smolagents (local_python_executor)
Hugging Face Smolagents version 1.20.0 contains an XPath injection vulnerability in the search_item_ctrl_f fun...
W huggingface smolagents 1.25.0.dev0 wykryto słabość. Dotyczy to funkcji evaluate_augassign/evaluate_call/eval...
RCE w Huggingface Transformers — obejście trust_remote_code w LightGlue
Niebezpieczna deserializacja w LeRobot — RCE przez gRPC bez uwierzytelnienia