CVE-2024-11393: Python Pickle Load Without Trust Remote Code Guard
greprules fetch cve-2024-11393-python-pickle-load-without-trust-remote-code-guard --engine opengrep
Description
`pickle.load()` / `pickle.loads()` in a checkpoint-conversion script deserializes a user-supplied path without a `TRUST_REMOTE_CODE` environment-variable opt-in guard. Python's pickle protocol can execute arbitrary code embedded via `__reduce__` during deserialization, so loading an attacker-controlled checkpoint, metadata file, or weight bundle enables remo
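The guard the rule is looking for, as an added illustration (not the rule's own code and not the affected project's): a restricted `Unpickler` that resolves only an allowlisted set of globals unless the operator has opted in via `TRUST_REMOTE_CODE`. `SAFE_GLOBALS`, `RestrictedUnpickler` and `load_checkpoint*` are hypothetical names chosen here, and the allowlist is an assumption to be tuned to the real checkpoint format.

```python
import io
import os
import pickle

# Hypothetical allowlist of (module, name) pairs that a plain checkpoint or
# metadata pickle legitimately references; everything else is refused.
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
    ("builtins", "set"),
    ("builtins", "frozenset"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves only allowlisted globals.

    Every GLOBAL/STACK_GLOBAL reference outside SAFE_GLOBALS, including the
    callable a malicious __reduce__ would point at, raises before the name
    is imported or called.
    """

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing global {module}.{name}; set TRUST_REMOTE_CODE=1 to allow"
        )


def trust_remote_code_enabled(env=None):
    """True only when the operator explicitly opted in via TRUST_REMOTE_CODE."""
    env = os.environ if env is None else env
    return env.get("TRUST_REMOTE_CODE", "").strip().lower() in {"1", "true", "yes"}


def load_checkpoint_bytes(data, env=None):
    """Guarded replacement for a bare pickle.loads(data) in a conversion script."""
    if trust_remote_code_enabled(env):
        # Explicit opt-in: full pickle semantics, arbitrary code may run.
        return pickle.loads(data)
    return RestrictedUnpickler(io.BytesIO(data)).load()


def load_checkpoint(path, env=None):
    """Guarded replacement for pickle.load(open(path, 'rb'))."""
    with open(path, "rb") as fh:
        return load_checkpoint_bytes(fh.read(), env)
```

In restricted mode a benign checkpoint dict still loads, while a pickle that references any non-allowlisted global is rejected at `find_class` time rather than executed.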
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided