--- library_name: transformers license: mit base_model: gpt2 tags: - generated_from_trainer model-index: - name: vulnerability-description-generation-gpt2 results: [] datasets: - CIRCL/vulnerability --- # vulnerability-description-generation-gpt2 This model is a fine-tuned version of [gpt2](https://huggingface.co/gpt2) on the dataset [CIRCL/vulnerability](https://huggingface.co/datasets/CIRCL/vulnerability). It achieves the following results on the evaluation set: - Loss: 1.8131 ## Model description It is a text generation model and is aimed to assist in writing vulnerability descriptions. ## How to get started with the model ```python from transformers import pipeline pipe = pipeline("text-generation", model="CIRCL/vulnerability-description-generation-gpt2") >>> print(pipe("A new vulnerability in OpenSSL allows", max_length=300)) [{'generated_text': 'A new vulnerability in OpenSSL allows remote attackers to create insecure connections. The impact of this vulnerability is that one or more TLS connections will be created under one username or one username/logon in a session for which another username or logon is valid. An attacker that can control the username or logon string of an openSSL host can effectively manipulate the OpenSSL host in a way that enables the attacker to create arbitrary openSSL connections by calling `http-server-create` in a non-secure sequence across other hosts. The vulnerability may be used to perform a man-in-the-middle attack, making the attacker completely different to the attacker. An exploitation may include MITM attacks and man-in-the-middle attacks. NOTE: the vendor states that "SUSE OpenSSL\'s implementation of \'openSSL_connect`, is not vulnerable to MITM attacks. If the attack vector is a MITM attack, OpenSSL will work under any circumstances." The CVE has been assigned for tracking purposes. In no way does the vendor\'s position change that an OpenSSL client should not use openSSL in the context of another OpenSSL server, but an attacker must choose the vulnerability according to their configuration if they are to exploit their attack. NOTE: the vendor indicates that it has considered the impact of this vulnerability "moderate". If by any measure, an OpenSSL client is susceptible to MITM attacks, that vulnerability would be considered low because it would be difficult to exploit a vulnerability that'}] ``` ## Training procedure ### Training hyperparameters The following hyperparameters were used during training: - learning_rate: 2e-05 - train_batch_size: 16 - eval_batch_size: 16 - seed: 42 - optimizer: Use OptimizerNames.ADAMW_TORCH with betas=(0.9,0.999) and epsilon=1e-08 and optimizer_args=No additional optimizer arguments - lr_scheduler_type: linear - lr_scheduler_warmup_steps: 500 - num_epochs: 3 ### Training results | Training Loss | Epoch | Step | Validation Loss | |:-------------:|:-----:|:-----:|:---------------:| | 0.9951 | 1.0 | 24295 | 1.9421 | | 0.9311 | 2.0 | 48590 | 1.8412 | | 0.914 | 3.0 | 72885 | 1.8131 | ### Framework versions - Transformers 4.49.0 - Pytorch 2.6.0+cu124 - Datasets 3.4.0 - Tokenizers 0.21.1