PT-2023-32975 · Unknown +1 · Torchserve +1

Name of the Vulnerable Software and Affected Versions: TorchServe versions 0.3.0 through 0.8.1 Description: The issue is related to the use of a vulnerable version of the SnakeYAML open source library, which potentially exposes users to unsafe deserialization of Java objects. This could allow thi...