2 matches found
Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox
A critical security flaw has been disclosed in the llamacpppython Python package that could be exploited by threat actors to achieve arbitrary code execution. Tracked as CVE-2024-34359 CVSS score: 9.7, the flaw has been codenamed Llama Drama by software supply chain security firm Checkmarx. "If...
AI Python Package Flaw ‘Llama Drama’ Threatens Software Supply Chain
By Waqas The Llama Drama vulnerability in the Llama-cpp-Python package exposes AI models to remote code execution RCE attacks, enabling attackers to steal data. Currently, over 6,000 models are affected by this vulnerability. This is a post from HackRead.com Read the original post: AI Python...