Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox

A critical security flaw has been disclosed in the llama_cpp_python Python package that could be exploited by threat actors to achieve arbitrary code execution. Tracked as CVE-2024-34359 (CVSS score: 9.7), the flaw has been codenamed Llama Drama by software supply chain security firm Checkmarx. "If exploited, it could allow attackers to execute arbitrary code on your system,

Posted from: Click here for the full article.

留言

此網誌的熱門文章

Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation