Skip to content

AI Application Security(LLM) #389

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Dec 6, 2023
Merged

AI Application Security(LLM) #389

merged 4 commits into from
Dec 6, 2023

Conversation

TimmyBugcrowd
Copy link
Contributor

Adding:

Application Level DoS - Excessive Resource Consumption - Injection (Prompt) - Varies
AI Application Security - Large Language Model (LLM) Security - Prompt Injection - P1
AI Application Security - Large Language Model (LLM) Security - LLM Output Handling - P1
AI Application Security - Large Language Model (LLM) Security - Training Data Poisoning - P1
AI Application Security - Large Language Model (LLM) Security - Excessive Agency/Permission Manipulation - P2

@drunkrhin0
Copy link

@TimmyBugcrowd the ID's don't match my branch here. Unsure of if they need to be identical.

https://github.com/bugcrowd/vulnerability-rating-taxonomy/tree/LLM-VRT-Additions

@drunkrhin0
Copy link

Additionally I'd suggest kicking off CVSSv4 ratings since AI is more advanced than what the CVSS 3.1 maturity model was intended for

@drunkrhin0 drunkrhin0 linked an issue Dec 1, 2023 that may be closed by this pull request
Add LLM VRT Entries #377
Closed
@trimkadriu trimkadriu self-requested a review December 6, 2023 13:09
trimkadriu
trimkadriu approved these changes Dec 6, 2023
View reviewed changes
Copy link

@trimkadriu trimkadriu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@trimkadriu trimkadriu merged commit 8e7a418 into master Dec 6, 2023
@trimkadriu trimkadriu deleted the llm-model-vrt-items branch December 6, 2023 13:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@trimkadriu trimkadriu trimkadriu approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add LLM VRT Entries

4 participants

@TimmyBugcrowd @drunkrhin0 @trimkadriu @jhas3c