Vulnerability	Vulnerable Version
H Improper Control of Generation of Code ('Code Injection') refuel-autolabel is a Label, clean and enrich text datasets with LLMs Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') via the `validate` function of the `ClassificationTaskValidate` class due to the handling of CSV files in classification tasks. An attacker can execute arbitrary code by crafting a CSV file containing malicious Python code and using it to create a classification task. How to fix Improper Control of Generation of Code ('Code Injection')? There is no fixed version for `refuel-autolabel`.	[0.0.8,)
H Improper Control of Generation of Code ('Code Injection') refuel-autolabel is a Label, clean and enrich text datasets with LLMs Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') via the `validate` function of the `MLCTaskValidate` class due to the handling of CSV files in multilabel classification tasks. An attacker can execute arbitrary code by crafting a malicious CSV file that contains executable Python code. How to fix Improper Control of Generation of Code ('Code Injection')? There is no fixed version for `refuel-autolabel`.	[0.0.8,)

Improper Control of Generation of Code ('Code Injection')

refuel-autolabel is a Label, clean and enrich text datasets with LLMs

Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') via the validate function of the ClassificationTaskValidate class due to the handling of CSV files in classification tasks. An attacker can execute arbitrary code by crafting a CSV file containing malicious Python code and using it to create a classification task.

How to fix Improper Control of Generation of Code ('Code Injection')?

There is no fixed version for refuel-autolabel.

[0.0.8,)

Improper Control of Generation of Code ('Code Injection')

refuel-autolabel is a Label, clean and enrich text datasets with LLMs

Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') via the validate function of the MLCTaskValidate class due to the handling of CSV files in multilabel classification tasks. An attacker can execute arbitrary code by crafting a malicious CSV file that contains executable Python code.

How to fix Improper Control of Generation of Code ('Code Injection')?

There is no fixed version for refuel-autolabel.

[0.0.8,)

Go back to all versions of this package