Critical Bugs Put Hugging Face AI Platform in a ‘Pickle’
Posted on
One issue would have allowed cross-tenant attacks, and another enabled access to a shared registry for container images; exploitation via an insecure Pickle file showcases emerging risks for AI-as-a-service more broadly.