Seth Michael Larson on Nostr: There was already suspicion that LLMs generated a large batch of bogus CVEs not long ...
There was already suspicion that LLMs generated a large batch of bogus CVEs not long ago. I suspect that CVE-2023-38898 which targeted #Python and wasn't reported to the Python Security Response Team was a part of that batch.
Now curl gets explicit proof that "security researchers" are submitting reports direct from an LLM without any double-checking. As if handling vulnerabilities wasn't hard enough for #OpenSource maintainers! 😡
https://hackerone.com/reports/2199174
Now curl gets explicit proof that "security researchers" are submitting reports direct from an LLM without any double-checking. As if handling vulnerabilities wasn't hard enough for #OpenSource maintainers! 😡
https://hackerone.com/reports/2199174