Vulnerabilities in Linked Code


Vulnerability Info

Vulnerability Type: security
CVE Number
Created Date: 2024/06/27
Reported By: @indiana-university
References

    Affected Versions

    @fc9373034eaab4a29528675251903ff66f1a37a9 (23 February 2023)

    Description

    Vulnerability Summary

    The model kevinscaria/atsc_tk-instruct-base-def-pos-neg-neut-combined is associated with a code repository https://github.com/kevinscaria/InstructABSA for which 6 CWEs (including 0 high severity vulnerabilities) were identified. The weaknesses and vulnerabilities listed here are for informational purposes about the model supply chain and may not be explicit in the model itself.

    The model associated with kevinscaria/atsc_tk-instruct-base-def-pos-neg-neut-combined has been found to have 2 Common Weakness Enumerations (CWEs), including 0 high severity vulnerabilities.

    The identified weaknesses include:

    • CWE-676: Use of Potentially Dangerous Function
    • CWE-703: Improper Check or Handling of Exceptional Conditions

    The GitHub repository is linked in the model's Hugging Face README.md.

    The vulnerabilities were discovered using Semgrep and Bandit.

    URL: https://huggingface.co/kevinscaria/atsc_tk-instruct-base-def-pos-neg-neut-combined

    PURL: pkg:huggingface/kevinscaria/atsc_tk-instruct-base-def-pos-neg-neut-combined@fc9373034eaab4a29528675251903ff66f1a37a9

    SHA: fc9373034eaab4a29528675251903ff66f1a37a9

    Author: kevinscaria

    Tags: ['transformers', 'pytorch', 't5', 'text2text-generation', 'NLP', 'dataset:Yaxin/SemEval2014Task4Raw', 'arxiv:2302.08624', 'license:mit', 'autotrain_compatible', 'endpoints_compatible', 'text-generation-inference', 'region:us']

    Downloads: 34

    Likes: 1

    GitHub Link: https://github.com/kevinscaria/InstructABSA

    Low Severity Weaknesses: 6

    Medium Severity Weaknesses: 0

    High Severity Weaknesses: 0

    Total Weaknesses Identified: 6

    Common Weakness Enumerations (CWEs) Identified:

    CWE | Description | URL
    CWE-676: Use of Potentially Dangerous Function | The product invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function can also be used safely. | 676
    CWE-703: Improper Check or Handling of Exceptional Conditions | The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product. | 703
    Indiana University Kelley School Data Science and AI Lab