Llama Drama: Vulnerability Threatening Your Software Supply Chain
Key Points The critical vulnerability CVE-2024-34359 has been discovered by retr0reg in the “llama_cpp_python” Python package. This vulnerability allows attackers to execute arbitrary code from the misuse of the Jinja2 template engine. Over 6k AI…