huggingface/huggingface_hub v0.13.4
Security patch v0.13.4

on GitHub

latest releases: v0.26.2, v0.26.1, v0.26.0...

19 months ago

Security patch to fix a vulnerability in huggingface_hub. In some cases, downloading a file with hf_hub_download or snapshot_download could lead to overwriting any file on a Windows machine. With this fix, only files in the cache directory (or a user-defined directory) can be updated/overwritten.

Malicious repo can overwrite any file on disk #429 @Wauplin

Full Changelog: v0.13.3...v0.13.4

Check out latest releases or
releases around huggingface/huggingface_hub v0.13.4

Don't miss a new huggingface_hub release

NewReleases is sending notifications on new releases.

Get notifications

huggingface/huggingface_hub v0.13.4 Security patch v0.13.4 on GitHub

huggingface/huggingface_hub v0.13.4
Security patch v0.13.4

on GitHub