I help maintain Dask, an OSS project in the Python data space. Dask helps users run arbitrary Python code on distributed clusters of computers.<p>Yesterday, I and several users got a CVE alert (https://www.cve.org/CVERecord?id=CVE-2024-10096) that there was an exploit allowing users with access to a Dask scheduler to run arbitrary code on that server using a backdoor with pickle.<p>Obviously, the creators of this CVE missed the easily accessible `client.run_on_scheduler(my_function)` API, which makes this much easier for a would-be hacker. Is this a backdoor? Maybe, but the front door is wide open inviting all to enter.<p>I did some research into the creator of the CVE, a project call "Protect AI" (Dask is often used in AI workloads). It looks like they acquired an AI bug bounty company, Huntr (https://protectai.com/newsroom/protect-ai-acquires-huntr), which reported the "bug" several months ago. Even though this was spam, Dask maintainers responded to the bug report saying ...<p>> This is the expected behavior and not a vulnerability, which is documented at https://distributed.dask.org/en/stable/limitations.html?highlight=host#security. Specifically "You should only host Dask workers within networks that you trust."<p>Huntr's response?<p>> A dask/dask maintainer has acknowledged this report<p>Followed by publishing the report as a CVE<p>This thoughtless behavior both distracts OSS users, and diminishes the seriousness of the CVE database. It's a shame seeing companies misuse public infrastructure like this. I guess they're using this to generate some internal revenue?