OWASP / www-project-machine-learning-security-top-10

OWASP Machine Learning Security Top 10 Project
http://owasp.org/www-project-machine-learning-security-top-10/

[FEEDBACK]: Make ML06 more precise and with more Attack Scenarios #116

Closed mik0w closed 11 months ago

mik0w commented 11 months ago

Type

Suggestions for Improvement

What would you like to report?

Re-thinking and re-writing ML06 - corrupted packages

The description of ML05 is quite limited given how complicated the software supply chains are, especially those related to ML-using software.

In the summary of the vulnerability it is written: "This type of attack can be particularly dangerous as it can go unnoticed for a long time, since the victim may not realize that the package they are using has been compromised. The attacker's malicious code could be used to steal sensitive information, modify results, or even cause the machine learning model to fail." Meanwhile, in the Detectability section in Risk Factors it says that it's easy to detect this kind of vulns.

What is more, there's nothing said about countermeasures such as SBOM/MLBOM etc. in the description of this vulnerability. In my opinion that should be included.

There are plenty of resources that should be analyzed and used for the description of this specific vulnerability:

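The issue asks for SBOM/MLBOM to be covered as a countermeasure and points out the tension between "goes unnoticed for a long time" and "easy to detect". The following is an added example, not code from the OWASP project or from the issue author, showing the mechanism that makes the difference: a bill of materials that records artifact hashes at the time the packages were vetted, and a check that re-hashes what is actually installed against it. A package re-uploaded with the same name and version but different bytes is invisible to a name/version comparison and only shows up as a hash mismatch. The package names (examplelib, exampletok, extra-dep), the artifact bytes, and the BOM layout are all constructed for this example; the field names loosely follow CycloneDX but the document produced is not a conformant CycloneDX BOM.

```python
import hashlib
import json
from typing import Dict, List, Tuple

# Constructed stand-ins for downloaded distribution files (e.g. wheels),
# keyed by (name, version). A real check would read bytes from the package
# cache or artifact store instead of these embedded strings.
ArtifactMap = Dict[Tuple[str, str], bytes]

TRUSTED_ARTIFACTS: ArtifactMap = {
    ("examplelib", "1.2.0"): b"PK\x03\x04examplelib-1.2.0-py3-none-any.whl (constructed)",
    ("exampletok", "0.9.1"): b"PK\x03\x04exampletok-0.9.1-py3-none-any.whl (constructed)",
}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_bom(artifacts: ArtifactMap, serial: str = "urn:uuid:constructed-example") -> dict:
    """Record name, version and SHA-256 of every vetted artifact.

    Layout loosely follows CycloneDX component/hash fields (assumption for
    illustration); it is not a conformant CycloneDX document.
    """
    components = [
        {
            "type": "library",
            "name": name,
            "version": version,
            "hashes": [{"alg": "SHA-256", "content": sha256_hex(data)}],
        }
        for (name, version), data in sorted(artifacts.items())
    ]
    return {
        "bomFormat": "CycloneDX",
        "specVersion": "1.5",
        "serialNumber": serial,
        "components": components,
    }


def verify_against_bom(bom: dict, artifacts: ArtifactMap) -> List[dict]:
    """Compare the artifacts present now with what the BOM recorded.

    Returns one finding per discrepancy; an empty list means everything
    installed matches the vetted state byte for byte.
    """
    findings: List[dict] = []
    expected = {(c["name"], c["version"]): c for c in bom["components"]}

    for key, comp in expected.items():
        if key not in artifacts:
            findings.append({"component": key, "finding": "missing"})
            continue
        recorded = {h["alg"]: h["content"] for h in comp.get("hashes", [])}.get("SHA-256")
        if recorded is None:
            # A BOM entry without a hash cannot catch a same-version swap.
            findings.append({"component": key, "finding": "no-hash-in-bom"})
            continue
        actual = sha256_hex(artifacts[key])
        if actual != recorded:
            findings.append({"component": key, "finding": "hash-mismatch",
                             "expected": recorded, "actual": actual})

    for key in artifacts:
        if key not in expected:
            findings.append({"component": key, "finding": "not-in-bom"})
    return findings


def tampered_install() -> ArtifactMap:
    """Constructed scenario: same name and version as the BOM, different bytes
    (a malicious re-upload or mirror swap), plus a dependency nobody vetted."""
    installed = dict(TRUSTED_ARTIFACTS)
    installed[("examplelib", "1.2.0")] = TRUSTED_ARTIFACTS[("examplelib", "1.2.0")] + b"\n# injected payload"
    installed[("extra-dep", "2.0.0")] = b"unexpected transitive dependency (constructed)"
    return installed


if __name__ == "__main__":
    bom = build_bom(TRUSTED_ARTIFACTS)
    print(json.dumps(bom, indent=2))
    for finding in verify_against_bom(bom, tampered_install()):
        print(finding)
```

The point of the example is the order of operations: the hashes have to be captured when the packages were reviewed (or taken from a trusted publisher attestation), and the check has to run at install or load time against the bytes actually used. Pinning versions alone, or generating the BOM from whatever is currently installed, records the compromised state as the baseline and detects nothing.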