CVE-2023-7018: 
NixOS vulnerability analysis and mitigation

A deserialization of untrusted data vulnerability (CVE-2023-7018) was discovered in the Hugging Face Transformers library versions prior to 4.36. The vulnerability was identified in December 2023 and affects the automatic loading of vocab.pkl files from remote repositories (SecurityWeek).

The vulnerability exists due to unrestricted implementation in a function used for the automatic loading of vocab.pkl files from remote repositories. The issue has been assigned a CVSS v3.1 base score of 7.8 (HIGH) by NIST with vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, while huntr.dev rated it as CRITICAL with a CVSS score of 9.6 (vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H). The vulnerability is classified as CWE-502 (Deserialization of Untrusted Data) (NVD).

The vulnerability could allow attackers to load malicious files and achieve remote code execution (RCE) on the target system. This poses a significant security risk as it could lead to unauthorized code execution and potential system compromise (SecurityWeek).

The vulnerability has been patched in Hugging Face Transformers version 4.36. Users are required to set the environment variable TRUST_REMOTE_CODE to True if they need to use pickle.load() functionality. However, it's recommended to upgrade to the latest version and never unpickle data from untrusted sources (GitHub Patch).