Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2023-43654

Good to know:

icon

Date: September 28, 2023

TorchServe is a tool for serving and scaling PyTorch models in production. TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be taken advantage of to compromise the integrity of the system and sensitive data. This issue is present in versions 0.1.0 to 0.8.1. A user is able to load the model of their choice from any URL that they would like to use. The user of TorchServe is responsible for configuring both the allowed_urls and specifying the model URL to be used. A pull request to warn the user when the default value for allowed_urls is used has been merged in PR #2534. TorchServe release 0.8.2 includes this change. Users are advised to upgrade. There are no known workarounds for this issue.

Language: Java

Severity Score

Related Resources (6)

https://github.com/pytorch/serve/releases/tag/v0.8.2
https://nvd.nist.gov/vuln/detail/CVE-2023-43654
https://github.com/pytorch/serve/security/advisories/GHSA-8fxr-qfr9-p34w
https://github.com/pytorch/serve/pull/2534
http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html
https://www.mend.io/vulnerability-database/CVE-2023-43654

Severity Score

Weakness Type (CWE)

Server-Side Request Forgery (SSRF)

CWE-918

Top Fix

icon

Upgrade Version

Upgrade to version v0.8.2

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): HIGH

Do you need more information?

Contact Us