CVE-2024-35198
- EPSS 0.18%
- Veröffentlicht 19.07.2024 02:15:14
- Zuletzt bearbeitet 04.09.2025 15:43:52
TorchServe is a flexible and easy-to-use tool for serving and scaling PyTorch models in production. TorchServe 's check on allowed_urls configuration can be by-passed if the URL contains characters such as ".." but it does not prevent the model from ...
CVE-2024-35199
- EPSS 0.09%
- Veröffentlicht 19.07.2024 02:15:14
- Zuletzt bearbeitet 04.09.2025 15:46:54
TorchServe is a flexible and easy-to-use tool for serving and scaling PyTorch models in production. In affected versions the two gRPC ports 7070 and 7071, are not bound to [localhost](http://localhost/) by default, so when TorchServe is launched, the...
CVE-2023-48299
- EPSS 0.43%
- Veröffentlicht 21.11.2023 21:15:09
- Zuletzt bearbeitet 21.11.2024 08:31:26
TorchServe is a tool for serving and scaling PyTorch models in production. Starting in version 0.1.0 and prior to version 0.9.0, using the model/workflow management API, there is a chance of uploading potentially harmful archives that contain files t...
CVE-2023-43654
- EPSS 91.65%
- Veröffentlicht 28.09.2023 23:15:09
- Zuletzt bearbeitet 21.11.2024 08:24:33
TorchServe is a tool for serving and scaling PyTorch models in production. TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be...