Protect AI Releases 'Bug Bounty' Report On August Vulnerabilities
The vulnerabilities involve tools used to build machine learning (ML) models that fuel artificial intelligence (AI) applications.
Protect AI, which offers artificial intelligence application security, just released its August vulnerability report.
The report draws on Protect AI's AI/ML "bug bounty" program, huntr. According to the company, the huntr community is made up of over 15,000 members who hunt for vulnerabilities across the "entire OSS AI/ML supply chain."
The vulnerabilities involve tools used to build ML models that fuel AI applications. These tools are open source and are heavily downloaded to build enterprise AI solutions, Protect AI said in a news release.
This month, the huntr community, along with Protect AI researchers, discovered 20 vulnerabilities, some of which allow bad actors to perform complete system takeovers.
Here is a list of the vulnerabilities huntr has discovered in August:
Remote Code Execution (RCE) in Setuptools
Impact: This vulnerability allows attackers to execute arbitrary code on the system using specially crafted package URLs.
The vulnerability in Setuptools arises from the way it handles package URLs, allowing for code injection. If an attacker can control the URL input, they can inject and execute arbitrary commands on the system. This can be exploited through various vectors, including setup configuration files, command-line arguments, and custom applications relying on Setuptools.
Authorization Bypass in Lunary
Impact: Removed users can still access, modify, and delete organizational templates, leading to unauthorized data manipulation.
The vulnerability in Lunary allows users who have been removed from an organization to continue accessing and modifying templates using old authorization tokens. This occurs because the system does not invalidate tokens upon user removal, enabling unauthorized actions such as reading, creating, editing, and deleting templates.
Server-Side Request Forgery (SSRF) in Netaddr
Impact: This vulnerability can be exploited to bypass SSRF protections, potentially allowing access to internal networks.
The vulnerability in Netaddr involves the mishandling of IPv4-mapped IPv6 addresses. Functions like is_private, is_link_local, and is_loopback do not correctly identify these addresses, which can lead to SSRF attacks. Attackers can exploit this by using IPv4-mapped IPv6 addresses to bypass security checks and access internal resources.
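The defensive pattern behind the Netaddr finding, as an added illustration that is not from the report or from the Netaddr project: an SSRF guard written against Python's standard ipaddress module that unwraps an IPv4-mapped IPv6 address to its embedded IPv4 address before deciding whether it is internal. The function names and the sample inputs are my own.

```python
import ipaddress


def unwrap_ipv4_mapped(addr):
    """Return the embedded IPv4 address for an IPv4-mapped IPv6 address
    (::ffff:a.b.c.d, also written ::ffff:xxxx:xxxx); otherwise return
    the address unchanged."""
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    return addr


def canonical_host(host):
    """Parse an IP literal (with or without URL-style [] brackets) and return
    its canonical text form after unwrapping, or None if it is not a literal."""
    try:
        addr = ipaddress.ip_address(host.strip("[]"))
    except ValueError:
        return None
    return str(unwrap_ipv4_mapped(addr))


def is_internal_address(host):
    """SSRF guard for IP literals: True if the address must not be fetched
    on a user's behalf (loopback, private, link-local, multicast, reserved
    or unspecified). Classification runs on the unwrapped address, so
    ::ffff:127.0.0.1 is judged as 127.0.0.1 rather than as an IPv6 address
    that happens to sit outside ::1/128 and fe80::/10. Hostnames return
    False here; resolve them and re-check every resulting address."""
    try:
        addr = ipaddress.ip_address(host.strip("[]"))
    except ValueError:
        return False
    addr = unwrap_ipv4_mapped(addr)
    return (addr.is_loopback or addr.is_private or addr.is_link_local
            or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


if __name__ == "__main__":
    # Constructed sample inputs: the mapped forms are the ones a check that
    # classifies the IPv6 object as-is (no unwrapping) can misjudge.
    for host in ("127.0.0.1", "::ffff:127.0.0.1", "::ffff:7f00:1",
                 "[::ffff:169.254.169.254]", "::ffff:10.0.0.5",
                 "::ffff:8.8.8.8", "2001:4860:4860::8888"):
        print(f"{host:26} -> {canonical_host(host):18} "
              f"internal={is_internal_address(host)}")
```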
Here is the full list of vulnerabilities. Click on the links for recommended fixes and more information on each: