Software Security Audit Results
Hi all, I submitted this GitHub repository for a security audit and the automated test we used (SonarQube) came up with some findings. Anything medium or higher typically needs to be addressed before the software is allowed to be used. If anything could be fixed I would be appreciative; otherwise it will make things difficult with future versions, etc.
| check_id | severity | path | message | License | Vulnerability | Source | Shortlink | Do we have control to remediate? | If possible to remediate, how will this affect functionality? |
|---|---|---|---|---|---|---|---|---|---|
| trailofbits.python.pickles-in-pytorch.pickles-in-pytorch | HIGH | RF3/modelforge/src/modelhub/inference_engines/rf3.py | Functions reliant on pickle can result in arbitrary code execution. Consider loading from `state_dict`, using fickling, or switching to a safer serialization method like ONNX | AGPL-3.0 license | Insecure Deserialization | https://semgrep.dev/r/trailofbits.python.pickles-in-pytorch.pickles-in-pytorch | https://sg.run/NwQy | ||
| trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules | MEDIUM | RF3/modelforge/src/modelhub/loss/af3_losses.py | Usage of NumPy library inside PyTorch `SubunitSymmetryResolution` module was found. Avoid mixing these libraries for efficiency and proper ONNX loading | AGPL-3.0 license | | https://semgrep.dev/r/trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules | https://sg.run/9vxr | | |
| python.lang.security.audit.eval-detected.eval-detected | MEDIUM | RF3/modelforge/src/modelhub/metrics/lddt.py | Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources. | Semgrep Rules License v1.0. For more details, visit semgrep.dev/legal/rules-license | Code Injection | https://semgrep.dev/r/python.lang.security.audit.eval-detected.eval-detected | https://sg.run/ZvrD | ||
| python.lang.security.audit.eval-detected.eval-detected | MEDIUM | RF3/modelforge/src/modelhub/metrics/lddt.py | Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources. | Semgrep Rules License v1.0. For more details, visit semgrep.dev/legal/rules-license | Code Injection | https://semgrep.dev/r/python.lang.security.audit.eval-detected.eval-detected | https://sg.run/ZvrD | ||
| trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules | MEDIUM | RF3/modelforge/src/modelhub/model/layers/af3_diffusion_transformer.py | Usage of NumPy library inside PyTorch `AttentionPairBiasDiffusionDeepspeed` module was found. Avoid mixing these libraries for efficiency and proper ONNX loading | AGPL-3.0 license | | https://semgrep.dev/r/trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules | https://sg.run/9vxr | | |
| python.lang.security.audit.non-literal-import.non-literal-import | MEDIUM | RF3/modelforge/src/modelhub/resolvers.py | Untrusted user input in `importlib.import_module()` function allows an attacker to load arbitrary code. Avoid dynamic values in `importlib.import_module()` or use a whitelist to prevent running untrusted code. | Semgrep Rules License v1.0. For more details, visit semgrep.dev/legal/rules-license | Improper Authorization | https://semgrep.dev/r/python.lang.security.audit.non-literal-import.non-literal-import | https://sg.run/y6Jk | ||
| trailofbits.python.automatic-memory-pinning.automatic-memory-pinning | MEDIUM | RF3/modelforge/src/modelhub/utils/datasets.py | If possible, it is better to rely on automatic pinning in PyTorch to avoid undefined behavior and for efficiency | AGPL-3.0 license | Dangerous Method or Function | https://semgrep.dev/r/trailofbits.python.automatic-memory-pinning.automatic-memory-pinning | https://sg.run/jz5N | ||
| python.lang.security.deserialization.pickle.avoid-pickle | MEDIUM | RF3/modelforge/src/modelhub/utils/inference.py | Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format. | Semgrep Rules License v1.0. For more details, visit semgrep.dev/legal/rules-license | Insecure Deserialization | https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-pickle | https://sg.run/OPwB | | |