Unknown · Torchserve · CVE-2024-35198
**Name of the Vulnerable Software and Affected Versions**
TorchServe versions prior to 0.11.0
**Description**
The issue concerns TorchServe's check of the `allowed_urls` configuration, which can be bypassed if the URL contains characters such as "..". The bypass allows a model to be downloaded into the model store; once downloaded, the model can be referenced a second time without providing a URL, effectively bypassing the `allowed_urls` security check. Customers using PyTorch inference Deep Learning Containers (DLC) through Amazon SageMaker and EKS are not affected.
**Recommendations**
For versions prior to 0.11.0, upgrade to TorchServe release 0.11.0 to address this issue. As a temporary workaround, consider validating that the URL does not contain characters such as ".." before downloading, to prevent bypassing the `allowed_urls` security check. However, it is advised to upgrade to the fixed version, as there are no known workarounds for this issue.
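The pre-download validation suggested above can be sketched as follows. This is an added example, not TorchServe's code or the 0.11.0 fix. It assumes allow-list entries are regular expressions, and the host names, paths and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed allow-list entry, assumed to be a regular expression;
# the host and path are placeholders, not values from the advisory.
ALLOWED_URLS = [r"https://models\.example\.com/approved/.*"]

def naive_is_allowed(url, patterns=ALLOWED_URLS):
    """Pattern match only: '.*' also matches a path that contains '..'."""
    return any(re.fullmatch(p, url) for p in patterns)

def _fully_decoded(path, max_rounds=5):
    """Percent-decode until stable so %2e%2e and %252e%252e are both seen."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            return path
        path = decoded
    raise ValueError("path is percent-encoded too many times")

def strict_is_allowed(url, patterns=ALLOWED_URLS):
    """Reject dot segments and backslashes first, then apply the allow-list."""
    try:
        parts = urlsplit(url)
        path = _fully_decoded(parts.path)
    except ValueError:
        return False
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    if "\\" in path or any(seg in ("..", ".") for seg in path.split("/")):
        return False
    return any(re.fullmatch(p, url) for p in patterns)

if __name__ == "__main__":
    # Constructed sample URLs.
    for sample in (
        "https://models.example.com/approved/resnet.mar",
        "https://models.example.com/approved/../staging/resnet.mar",
        "https://models.example.com/approved/%2e%2e/staging/resnet.mar",
    ):
        print(sample, naive_is_allowed(sample), strict_is_allowed(sample))
```

Matching on path segments rather than on the substring ".." keeps file names such as `model..v2.mar` usable while still rejecting encoded dot segments.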