The vulnerability of the allowed_urls configuration in the PyTorch TorchServe training and scaling tool allows a attacker to perform an SSRF attack.
The vulnerability of the allowedurls configuration in PyTorch TorchServe’s model servicing and scaling tools is related to insufficient validation of incoming requests during URL verification. Exploiting this vulnerability could allow a remote attacker to execute an SSRF attack...