MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
tools
Recherche

AI Bug Bounty Program Finds 34 Flaws in Open-Source Tools

dimanche 3 novembre 2024, 13:34 , par Slashdot
AI Bug Bounty Program Finds 34 Flaws in Open-Source Tools
Slashdot reader spatwei shared this report from SC World:

Nearly three dozen flaws in open-source AI and machine learning (ML) tools were disclosed Tuesday as part of [AI-security platform] Protect AI's huntr bug bounty program.

The discoveries include three critical vulnerabilities: two in the Lunary AI developer toolkit [both with a CVSS score of 9.1] and one in a graphical user interface for ChatGPT called Chuanhu Chat. The October vulnerability report also includes 18 high-severity flaws ranging from denial-of-service to remote code execution... Protect AI's report also highlights vulnerabilities in LocalAI, a platform for running AI models locally on consumer-grade hardware, LoLLMs, a web UI for various AI systems, LangChain.js, a framework for developing language model applications, and more.
In the article, Protect AI's security researchers point out that these open-source tools are 'downloaded thousands of times a month to build enterprise AI Systems.'

The three critical vulnerabilties have already been addressed by their respective companies, according to the article.

Read more of this story at Slashdot.
Lire la suite sur Slashdot
https://it.slashdot.org/story/24/11/03/0123205/ai-bug-bounty-program-finds-34-flaws-in-open-source-t...

Voir aussi

tools Microsoft Exchange update fixes security flaws, breaks other stuff TheRegister15 Nov
flaws Some of Substack’s Biggest Newsletters Rely On AI Writing Tools Wired: Tech.15 Nov
open-source Open Source Fights Back: 'We Won't Get Patent-Trolled Again' Slashdot15 Nov
ai's L'open source riposte contre les patent troll : "Nous ne nous laisserons plus contrôler" ZDNet.fr15 Nov
protect Five Eyes infosec agencies list 2024's most exploited software flaws TheRegister14 Nov
bug Five Eyes infosec agencies list 2023's most exploited software flaws TheRegister14 Nov
bounty WDK by Tether : un ambitieux portefeuille crypto open source TooLinux14 Nov
program GOG's Preservation Program Is the DRM-Free Store Refocusing On the Classics Slashdot14 Nov
report Microsoft fixes dozens of security flaws in Windows and Office PC World13 Nov
three Don't be like Michael Scott! Present data like a pro with Microsoft Visio's diagramming tools BoingBoing13 Nov
systems Spotify's Car Thing, Due For Bricking, Is Getting an Open Source Second Life Slashdot13 Nov
critical Open Source Project DeFlock Is Mapping License Plate Surveillance Cameras All Over the World Slashdot12 Nov
vulnerabilities Logitech launches Sync smart office tools to streamline workplace efficiency BetaNews12 Nov
article What might a second term of Trump mean for the US space program? TheRegister12 Nov
platform Box adds AI agent and no-code app builder tools ComputerWorld12 Nov
source [$] The top open-source security events in 2024 LWN.net11 Nov
open La NASA finance des logiciels open source pour soutenir l'innovation scientifique ZDNet.fr 9 Nov
tools Mozilla Foundation lays off 30% of its employees, ends advocacy for open web, privacy, and more OS News 8 Nov
flaws Watchdog finds AI tools can be used unlawfully to filter candidates by race, gender TheRegister 8 Nov
open-source Les meilleurs modèles d'IA open-source : toutes les options gratuites expliquées pour vous ZDNet.fr 8 Nov
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Date Actuelle
jeu. 21 nov. - 11:10 CET