Attack Type

Data Extraction

Data extraction attacks target the information processed or memorised by AI/ML systems. They take three main forms. First, training-data extraction: large language models can memorise verbatim spans of their training corpus, and an attacker who crafts the right prompts can pull back PII, API keys, or copyrighted text — a result demonstrated against GPT-2 by Carlini et al. and reproduced against several production models. Second, model extraction: by repeatedly querying a hosted model and observing outputs, an attacker can reconstruct enough behaviour to clone proprietary fine-tunes. Third, system-prompt and conversation leakage: indirect prompt injection or insecure logging can leak the application's instructions and other users' conversations. Multi-tenant inference platforms (vLLM, Triton, hosted APIs) and RAG systems are particularly exposed. Defenses: output filtering, differential privacy in training, rate limits, and strict tenant isolation.

903
Total CVEs
46
Pages
Page 22 of 46
Current
Severity CVE CVSS
LOW GHSA-r7w7-9xr2-qq2r 3.1
MEDIUM GHSA-fv5p-p927-qmxr 6.5
HIGH GHSA-gqqj-85qm-8qhf 8.7
HIGH GHSA-w8hx-hqjv-vjcq 7.3
HIGH GHSA-f6hc-c5jr-878p -
HIGH GHSA-28g4-38q8-3cwc -
HIGH GHSA-x5w6-38gp-mrqh -
HIGH GHSA-6f7g-v4pp-r667 -
HIGH GHSA-6r77-hqx7-7vw8 7.1
HIGH GHSA-2x8m-83vc-6wv4 7.1
HIGH GHSA-xhmj-rg95-44hv 7.1
HIGH GHSA-cvrr-qhgw-2mm6 7.7
HIGH GHSA-4jpm-cgx2-8h37 -
HIGH GHSA-48m6-ch88-55mj 8.1
HIGH GHSA-f228-chmx-v6j6 8.3
MEDIUM GHSA-9hrv-gvrv-6gf2 -
MEDIUM GHSA-qqvm-66q4-vf5c -
MEDIUM GHSA-m7mq-85xj-9x33 5.6
MEDIUM GHSA-2qqc-p94c-hxwh 5.6
MEDIUM GHSA-cc4f-hjpj-g9p8 5.6

Page 22 of 46