Security News > 2024 > May > Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox
2024-05-21 10:22
A critical security flaw has been disclosed in the llama_cpp_python Python package that could be exploited by threat actors to achieve arbitrary code execution. Tracked as CVE-2024-34359 (CVSS score: 9.7), the flaw has been codenamed Llama Drama by software supply chain security firm Checkmarx. "If exploited, it could allow attackers to execute arbitrary code on your system,
News URL
https://thehackernews.com/2024/05/researchers-uncover-flaws-in-python.html
Related news
- Researchers Reveal 'Deceptive Delight' Method to Jailbreak AI Models (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- Researchers Uncover Vulnerabilities in Open-Source AI and ML Models (source)
- Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code (source)
- Researchers Warn of Privilege Escalation Risks in Google's Vertex AI ML Platform (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-14 | CVE-2024-34359 | llama-cpp-python is the Python bindings for llama.cpp. | 0.0 |