CVE-2023-48299: TorchServe is a tool for serving and scaling PyTorch models in production. Starting in version 0.1.0 and prior to versio
Summary
TorchServe (a tool for running PyTorch models as web services) versions before 0.9.0 had a ZipSlip vulnerability: a flaw where a crafted archive contains entries whose names include path traversal sequences (such as ../), so that extracting it writes files outside the intended directory. The model and workflow management API, which accepts uploaded archives, extracted their contents without checking entry paths, so an attacker could deliver an archive that writes files to any filesystem location the TorchServe process has permission to write. Because public and open-source model archives are routinely downloaded and loaded, this could be used to hide harmful code in such models and execute it on machines running TorchServe.
Solution / Mitigation
Upgrade to TorchServe version 0.9.0 or later. The fix validates the path of each entry in a zip archive before extracting it and rejects entries that would resolve to a location outside the intended extraction directory.
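The following is an added Python illustration of the flaw and the fix described above; it is not TorchServe's own code. It builds two constructed archives in memory (a benign one and one carrying a traversal entry), shows where a naive path join would place the traversal entry, and then extracts with a check that every entry resolves inside the destination directory. The archive contents, file names and function names are assumptions made for this example.

```python
import io
import os
import posixpath
import tempfile
import zipfile
from pathlib import Path


def build_archive(entries):
    """Build a zip archive in memory from {entry_name: bytes}. Constructed sample data."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)  # writestr stores the name exactly as given
    return buf.getvalue()


# Constructed sample archives (not real TorchServe artifacts).
BENIGN_MAR = build_archive({
    "MAR-INF/MANIFEST.json": b'{"model": {"modelName": "demo"}}',
    "model.py": b"# handler code\n",
})

MALICIOUS_MAR = build_archive({
    "MAR-INF/MANIFEST.json": b'{"model": {"modelName": "demo"}}',
    "../../escaped.sh": b"echo pwned\n",  # ZipSlip entry: traversal in the entry name
})


def naive_target(dest_dir, entry_name):
    """Where an unchecked join (the vulnerable pattern) would place the entry."""
    return posixpath.normpath(posixpath.join(dest_dir, entry_name))


def is_safe_entry(dest_dir, entry_name):
    """True only if the entry resolves to dest_dir itself or somewhere beneath it."""
    dest = Path(dest_dir).resolve()
    target = (dest / entry_name).resolve()  # absolute names and ../ are resolved here
    return target == dest or dest in target.parents


def safe_extract(archive_bytes, dest_dir):
    """Extract an archive, refusing the whole archive if any entry escapes dest_dir."""
    dest = Path(dest_dir).resolve()
    dest.mkdir(parents=True, exist_ok=True)
    written = []
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        # Validate every entry before writing anything, so a bad archive
        # leaves no partial extraction behind.
        for info in zf.infolist():
            if not is_safe_entry(dest, info.filename):
                raise ValueError(f"ZipSlip entry rejected: {info.filename!r}")
        for info in zf.infolist():
            target = (dest / info.filename).resolve()
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(str(target.relative_to(dest)))
    return written


def run_demo():
    """Extract the benign archive, then show the malicious one is rejected."""
    with tempfile.TemporaryDirectory() as tmp:
        store = os.path.join(tmp, "model_store")
        ok = safe_extract(BENIGN_MAR, store)
        try:
            safe_extract(MALICIOUS_MAR, store)
            rejected = None
        except ValueError as exc:
            rejected = str(exc)
        # The location the traversal entry was aiming for must remain untouched.
        escaped = os.path.exists(naive_target(store, "../../escaped.sh"))
    return sorted(ok), rejected, escaped


if __name__ == "__main__":
    print(naive_target("/opt/models/demo", "../../escaped.sh"))
    print(run_demo())
```

The check is done on resolved paths rather than by searching the entry name for "..", so absolute entry names and mixed forms like `a/../../b` are handled the same way; validating the full entry list before the first write means a malicious archive is rejected as a whole rather than half-extracted.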
Vulnerability Details
Severity: 5.3 (medium)
EPSS: 0.4%
Original source: https://nvd.nist.gov/vuln/detail/CVE-2023-48299
First tracked: February 15, 2026 at 08:37 PM