In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Arbitrary Code Execution vulnerabilities in an interactive lesson.
Start learningUpgrade sentence-transformers
to version 3.1.0 or higher.
sentence-transformers is a State-of-the-Art Text Embeddings
Affected versions of this package are vulnerable to Arbitrary Code Execution when loading PyTorch model files. The torch.load()
function, used without the weights_only=True
parameter, could deserialize malicious Python objects from manipulated model files.