AI Sec Watch

N/A -- The provided content is a GitHub navigation menu and marketing material, not a substantive article about the OWASP Top 10 for LLM Applications. No technical information, vulnerabilities, or security issues are described in the source text.

N/A -- The provided content is a navigation menu and header from a GitHub webpage about enterprise features and developer tools. It does not contain substantive information about the OWASP Top 10 for Large Language Model Applications or any AI/LLM security issues.

This document provides an overview of how different European Union countries are implementing the EU AI Act, which is legislation regulating artificial intelligence systems. Most countries show unclear or partial progress in establishing the required authorities (government bodies responsible for oversight and enforcement), with some nations like Denmark and Finland having made more concrete arrangements for coordinating market surveillance (monitoring that AI systems follow the rules) and serving as single points of contact.

Gradio is an open-source Python package for building web applications, but versions before 5.5.0 have a vulnerability in the File and UploadButton components that allows attackers to read any files from the application server by exploiting path traversal (a technique where attackers use file paths like '../../../' to access files outside their intended directory). This happens when these components are used to preview file content.

Langflow version 1.0.18 and earlier has a remote code execution vulnerability (RCE, where an attacker can run commands on a system they don't own) because components with code functionality execute on the local machine instead of in a sandbox (an isolated environment that limits what code can access). This allows any component to potentially execute arbitrary code.

Gradio version 4.42.0 and earlier contain a server-side request forgery vulnerability (SSRF, a flaw where a server can be tricked into making requests to unintended targets) in the gr.DownloadButton function. The issue exists because the save_url_to_cache function doesn't validate URLs properly, allowing attackers to download local files and access sensitive information from the server.

Ollama before version 0.1.46 has a security flaw where attackers can use path traversal (a technique that manipulates file paths to access files outside their intended directory) in the api/push route to discover which files exist on the server. This allows an attacker to learn information about the server's file system that should be private.

Ollama before version 0.1.34 has a vulnerability where the CreateModelHandler function improperly reads user-controlled file paths without limits, allowing an attacker to specify a blocking file like /dev/random, which causes a goroutine (a lightweight process in Go) to run infinitely and consume resources even after the user cancels their request. This is a resource exhaustion (CWE-404: Improper Resource Shutdown or Release) issue that can disrupt service availability.

A vulnerability in Ollama before version 0.1.46 allows an attacker to crash the application by uploading a malformed GGUF file (a model format file) using two HTTP requests and then referencing it in a custom Modelfile. This causes a segmentation fault (a type of crash where the program tries to access memory it shouldn't), making the application unavailable.