Add brainsteam/content/bookmarks/2024/10/31/1730397212.md
Deploy Website / build (push) Successful in 22s
Details
Deploy Website / build (push) Successful in 22s
Details
This commit is contained in:
parent
bbebb32223
commit
9468bf5320
|
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
bookmark-of: https://www.oligo.security/blog/more-models-more-probllms
|
||||
date: '2024-10-31T17:53:32.552674'
|
||||
mp-syndicate-to:
|
||||
- https://brid.gy/publish/mastodon
|
||||
post_meta:
|
||||
- date
|
||||
tags:
|
||||
- ai
|
||||
- cybersecurity
|
||||
type: bookmarks
|
||||
url: /bookmarks/2024/10/31/1730397212
|
||||
|
||||
---
|
||||
|
||||
> Oligo’s research team recently uncovered 6 vulnerabilities in Ollama, one of the leading open-source frameworks for running AI models. Four of the flaws received CVEs and were patched in a recent version, while two were disputed by the application’s maintainers, making them shadow vulnerabilities.
|
||||
|
||||
This work provides some concrete evidence that hosting public-facing Ollama instances is a bad idea. It's great to see that some of the vulnerabilities were already fixed but it also tracks that making an API that's allowed to consume a bunch of GPU time accessible to the public might allow baddies to take advantage of your systems. If you (or your organisation) are planning to use Ollama for model hosting, I recommend [running it behind litellm](https://brainsteam.co.uk/2024/07/08/ditch-that-chatgpt-subscription-moving-to-pay-as-you-go-ai-usage-with-open-web-ui/)
|
||||
<a href="https://brid.gy/publish/mastodon"></a>
|
||||
Loading…
Reference in New Issue