search

LAION-AI / Open-Assistant

OpenAssistant is a chat-based assistant that understands tasks, can interact with third-party systems, and retrieve information dynamically to do so.
https://open-assistant.io
Apache License 2.0
36.83k stars 3.21k forks source link

Potential Information Leakage #3749

Open nevercodecorrect opened 3 months ago

nevercodecorrect commented 3 months ago

In the source code, sensitive informaiton like api_key is inserted into the log. It is a potential security issue as bescribed in cwe-532. The api_key could be redacted. The leakage could happen in 1 2 3