Update README.md
Browse files
README.md
CHANGED
|
@@ -14,21 +14,24 @@ should probably proofread and complete it, then remove this comment. -->
|
|
| 14 |
|
| 15 |
# vulnerability-description-generation-gpt2
|
| 16 |
|
| 17 |
-
This model is a fine-tuned version of [gpt2](https://huggingface.co/gpt2) on
|
|
|
|
| 18 |
It achieves the following results on the evaluation set:
|
| 19 |
- Loss: 1.8131
|
| 20 |
|
| 21 |
## Model description
|
| 22 |
|
| 23 |
-
|
| 24 |
|
| 25 |
-
## Intended uses & limitations
|
| 26 |
|
| 27 |
-
|
| 28 |
|
| 29 |
-
|
|
|
|
|
|
|
| 30 |
|
| 31 |
-
|
|
|
|
| 32 |
|
| 33 |
## Training procedure
|
| 34 |
|
|
|
|
| 14 |
|
| 15 |
# vulnerability-description-generation-gpt2
|
| 16 |
|
| 17 |
+
This model is a fine-tuned version of [gpt2](https://huggingface.co/gpt2) on the dataset [CIRCL/vulnerability](https://huggingface.co/datasets/CIRCL/vulnerability).
|
| 18 |
+
|
| 19 |
It achieves the following results on the evaluation set:
|
| 20 |
- Loss: 1.8131
|
| 21 |
|
| 22 |
## Model description
|
| 23 |
|
| 24 |
+
It is a text generation model and is aimed to assist in writing vulnerability descriptions.
|
| 25 |
|
|
|
|
| 26 |
|
| 27 |
+
## How to get started with the model
|
| 28 |
|
| 29 |
+
```python
|
| 30 |
+
from transformers import pipeline
|
| 31 |
+
pipe = pipeline("text-generation", model="CIRCL/vulnerability-description-generation-gpt2")
|
| 32 |
|
| 33 |
+
>>> print(pipe("A new vulnerability in OpenSSL allows", max_length=300))
|
| 34 |
+
[{'generated_text': 'A new vulnerability in OpenSSL allows remote attackers to create insecure connections. The impact of this vulnerability is that one or more TLS connections will be created under one username or one username/logon in a session for which another username or logon is valid. An attacker that can control the username or logon string of an openSSL host can effectively manipulate the OpenSSL host in a way that enables the attacker to create arbitrary openSSL connections by calling `http-server-create` in a non-secure sequence across other hosts. The vulnerability may be used to perform a man-in-the-middle attack, making the attacker completely different to the attacker. An exploitation may include MITM attacks and man-in-the-middle attacks. NOTE: the vendor states that "SUSE OpenSSL\'s implementation of \'openSSL_connect`, is not vulnerable to MITM attacks. If the attack vector is a MITM attack, OpenSSL will work under any circumstances." The CVE has been assigned for tracking purposes. In no way does the vendor\'s position change that an OpenSSL client should not use openSSL in the context of another OpenSSL server, but an attacker must choose the vulnerability according to their configuration if they are to exploit their attack. NOTE: the vendor indicates that it has considered the impact of this vulnerability "moderate". If by any measure, an OpenSSL client is susceptible to MITM attacks, that vulnerability would be considered low because it would be difficult to exploit a vulnerability that'}]
|
| 35 |
|
| 36 |
## Training procedure
|
| 37 |
|