编号撤回

update is a library from Aaron's personal developer. serve is a PyTorch open source application for provisioning, optimizing, and scaling PyTorch models in production. This CVE number has been withdrawn...

CVE-2024-6577

In the latest version of pytorch/serve, the script 'uploadresultstos3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring its ownership or confirming its accessibility. This could lead to potential security vulnerabilities or unauthorized access to the bucket if it is not...

CVE-2024-6577

In the latest version of pytorch/serve, the script 'uploadresultstos3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring its ownership or confirming its accessibility. This could lead to potential security vulnerabilities or unauthorized access to the bucket if it is not...

CVE-2024-6577

CVE-2024-6577 affects pytorch/serve. The script upload_results_to_s3.sh references the S3 bucket benchmarkai-metrics-prod without verifying ownership or accessibility, potentially enabling data exposure or unauthorized modifications if the bucket is not properly secured. No explicit remediation o...

CVE-2024-6577 Unclaimed S3 Bucket Usage in pytorch/serve

In the latest version of pytorch/serve, the script 'uploadresultstos3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring its ownership or confirming its accessibility. This could lead to potential security vulnerabilities or unauthorized access to the bucket if it is not...

CVE-2024-6577 Unclaimed S3 Bucket Usage in pytorch/serve

In the latest version of pytorch/serve, the script 'uploadresultstos3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring its ownership or confirming its accessibility. This could lead to potential security vulnerabilities or unauthorized access to the bucket if it is not...

TorchServe ZipSlip

Impact Using the model/workflow management API, there is a chance of uploading potentially harmful archives that contain files that are extracted to any location on the filesystem that is within the process permissions. Leveraging this issue could aid third-party actors in hiding harmful code in...

PyTorch Security Vulnerabilities

PyTorch is a Python package in the PyTorch open source. A security vulnerability exists in PyTorch Serve versions prior to 0.1.0 through 0.9.0, which stems from a security flaw in the model/workflow management API. An attacker can exploit this vulnerability to upload a harmful archive...

PyTorch Code Issues Vulnerabilities

PyTorch is a Python package open-sourced by PyTorch. A code issue vulnerability exists in PyTorch Serve versions 0.1.0 through 0.8.1 that stems from a lack of input validation...