Three years? The last time I used pickle was for a school project over a decade ago and even then these vulnerabilities were clearly laid out in the documentation, and it strongly advised against using it for any serious application. The only reason I kept using it in the project is precisely because it was a school project, and I knew the application would never be used in any production context worth attacking. Watching the ML community enthusiastically embrace pickle in the time since has been very amusing to say the least. Honestly I’m surprised it only seems to be catching up to them now.
We’ve known pickle files have been unsafe for like three years at this point and people are still using them?
Three years? The last time I used pickle was for a school project over a decade ago and even then these vulnerabilities were clearly laid out in the documentation, and it strongly advised against using it for any serious application. The only reason I kept using it in the project is precisely because it was a school project, and I knew the application would never be used in any production context worth attacking. Watching the ML community enthusiastically embrace pickle in the time since has been very amusing to say the least. Honestly I’m surprised it only seems to be catching up to them now.