{"data":{"id":"67d1c7bb-9802-40ae-8af1-0dedf98ec3e5","title":"CVE-2024-35198: TorchServe is a flexible and easy-to-use tool for serving and scaling PyTorch models in production. TorchServe's check ","summary":"TorchServe (a tool for running machine learning models in production) has a security flaw where its allowed_urls check (a restriction on which websites models can be downloaded from) can be bypassed using special characters like \"..\" in the URL. Once a model file is downloaded through this bypass, it can be used again without the security check, effectively removing the protection.","solution":"The issue has been fixed by validating, before downloading, that the URL contains no characters such as \"..\" (see PR #3082). TorchServe release 0.11.0 includes the fix. Users are advised to upgrade.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2024-35198","publishedAt":"2024-07-19T06:15:14.150Z","cveId":"CVE-2024-35198","cweIds":["CWE-706"],"cvssScore":"9.8","cvssSeverity":"critical","severity":"critical","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["Amazon"],"affectedVendorsRaw":["PyTorch","TorchServe","Amazon SageMaker","Amazon EKS"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00177,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"inference","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}