Navigation
Recherche
|
AI Bug Bounty Program Finds 34 Flaws in Open-Source Tools
dimanche 3 novembre 2024, 13:34 , par Slashdot
Nearly three dozen flaws in open-source AI and machine learning (ML) tools were disclosed Tuesday as part of [AI-security platform] Protect AI's huntr bug bounty program. The discoveries include three critical vulnerabilities: two in the Lunary AI developer toolkit [both with a CVSS score of 9.1] and one in a graphical user interface for ChatGPT called Chuanhu Chat. The October vulnerability report also includes 18 high-severity flaws ranging from denial-of-service to remote code execution... Protect AI's report also highlights vulnerabilities in LocalAI, a platform for running AI models locally on consumer-grade hardware, LoLLMs, a web UI for various AI systems, LangChain.js, a framework for developing language model applications, and more. In the article, Protect AI's security researchers point out that these open-source tools are 'downloaded thousands of times a month to build enterprise AI Systems.' The three critical vulnerabilties have already been addressed by their respective companies, according to the article. Read more of this story at Slashdot.
https://it.slashdot.org/story/24/11/03/0123205/ai-bug-bounty-program-finds-34-flaws-in-open-source-t...
Voir aussi |
56 sources (32 en français)
Date Actuelle
jeu. 21 nov. - 11:10 CET
|