Zengtudor/Wan2.1
1
0
Fork 0
mirror of https://github.com/Wan-Video/Wan2.1.git synced 2025-12-15 19:53:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
6f4387fd34
Wan2.1/wan/modules
History
Claude f71b604438
security: add weights_only=True to all torch.load() calls 
Fixes a critical security vulnerability where malicious model checkpoints
could execute arbitrary code through pickle deserialization.

Changes:
- wan/modules/vae.py: Add weights_only=True to torch.load()
- wan/modules/clip.py: Add weights_only=True to torch.load()
- wan/modules/t5.py: Add weights_only=True to torch.load()

This prevents arbitrary code execution when loading untrusted checkpoints
while maintaining full compatibility with legitimate model weights.

Security Impact: Critical - prevents RCE attacks
Breaking Changes: None - weights_only=True is compatible with all standard
PyTorch state_dict files
2025-11-19 04:24:14 +00:00
..
__init__.py [feature] Add VACE (#389) 2025-05-14 20:44:25 +08:00
attention.py init upload 2025-02-25 22:07:47 +08:00
clip.py security: add weights_only=True to all torch.load() calls 2025-11-19 04:24:14 +00:00
model.py Format the code (#402) 2025-05-16 12:35:38 +08:00
t5.py security: add weights_only=True to all torch.load() calls 2025-11-19 04:24:14 +00:00
tokenizers.py init upload 2025-02-25 22:07:47 +08:00
vace_model.py Format the code (#402) 2025-05-16 12:35:38 +08:00
vae.py security: add weights_only=True to all torch.load() calls 2025-11-19 04:24:14 +00:00
xlm_roberta.py init upload 2025-02-25 22:07:47 +08:00