• Google’s OSS-Fuzz finds more than two dozen vulnerabilities in different open-source projects
  • Among them is a vulnerability in OpenSSL that could result in RCE
  • Google sees this as a major milestone in automated bug discovery

Google has found 26 vulnerabilities in different open source code repositories, including a medium-severity flaw in “the critical OpenSSL library that underpins much of internet infrastructure.”

This wouldn’t be much of a news (Google helped find thousands of bugs throughout the years), if the method by which the flaws were discovered wasn’t “artificial”, as the bugs were revealed using its AI-powered fuzzing tool, OSS-Fuzz.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *