CVE-2024-35198: TorchServe is a flexible and easy-to-use tool for serving and scaling PyTorch models in production. TorchServe's check
Summary
TorchServe (a tool for running machine learning models in production) has a security flaw where its allowed_urls check (a restriction on which websites models can be downloaded from) can be bypassed using special characters like ".." in the URL. Once a model file is downloaded through this bypass, it can be used again without the security check, effectively removing the protection.
Solution / Mitigation
The issue has been fixed by validating that the URL does not contain characters such as ".." before downloading (see PR #3082). TorchServe release 0.11.0 includes the fix. Users are advised to upgrade.
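The weak and hardened forms of such an allowlist check, as an added example that is not TorchServe's own code. It assumes allowlist entries are regular expressions matched against the full URL; the host, paths, and function names are constructed for illustration, and `audit_sources` is a hypothetical helper for reviewing models stored before the upgrade.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed allowlist; assumes entries are regexes matched against the full URL.
ALLOWED_URLS = [r"https://models\.example\.com/approved/.*"]

def naive_is_allowed(url, patterns=ALLOWED_URLS):
    """Weak form: pattern match on the raw string, so '..' slips through '.*'."""
    return any(re.fullmatch(p, url) for p in patterns)

def _decode_path(path, max_rounds=3):
    """Percent-decode until stable; None if it is still changing (reject)."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            return path
        path = decoded
    return None

def strict_is_allowed(url, patterns=ALLOWED_URLS):
    """Hardened form: refuse dot segments first, then consult the allowlist."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    path = _decode_path(parts.path)
    if path is None:
        return False
    segments = re.split(r"[/\\]", path)
    if ".." in segments or "." in segments:
        return False
    return naive_is_allowed(url, patterns)

def audit_sources(records, patterns=ALLOWED_URLS):
    """Names of already-stored models whose recorded source URL fails the strict check."""
    return sorted(n for n, u in records.items() if not strict_is_allowed(u, patterns))

# Constructed sample data.
GOOD = "https://models.example.com/approved/resnet.mar"
TRAVERSAL = "https://models.example.com/approved/../other/model.mar"
ENCODED = "https://models.example.com/approved/%2e%2e/other/model.mar"

if __name__ == "__main__":
    for u in (GOOD, TRAVERSAL, ENCODED):
        print(u, naive_is_allowed(u), strict_is_allowed(u))
    print(audit_sources({"resnet": GOOD, "other": TRAVERSAL}))
```

Because a file fetched before the fix can be reused without the check, running the strict check over the recorded source of every stored model is a useful step after upgrading.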
Vulnerability Details
9.8 (critical)
EPSS: 0.2%
Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-35198
First tracked: February 15, 2026 at 08:37 PM