refuel-autolabel@0.0.10 vulnerabilities

Label, clean and enrich text datasets with LLMs

Direct Vulnerabilities

Known vulnerabilities in the refuel-autolabel package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable Version
  • H
Improper Control of Generation of Code ('Code Injection')

refuel-autolabel is a package to label, clean and enrich text datasets with LLMs.

Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') via the validate function of the ClassificationTaskValidate class due to the handling of CSV files in classification tasks. An attacker can execute arbitrary code by crafting a CSV file containing malicious Python code and using it to create a classification task.

How to fix Improper Control of Generation of Code ('Code Injection')?

There is no fixed version for refuel-autolabel.

Vulnerable version: [0.0.8,)
  • H
Improper Control of Generation of Code ('Code Injection')

refuel-autolabel is a package to label, clean and enrich text datasets with LLMs.

Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') via the validate function of the MLCTaskValidate class due to the handling of CSV files in multilabel classification tasks. An attacker can execute arbitrary code by crafting a malicious CSV file that contains executable Python code.

How to fix Improper Control of Generation of Code ('Code Injection')?

There is no fixed version for refuel-autolabel.

Vulnerable version: [0.0.8,)