PT-2024-26375 · Unknown · Torchserve

Namannandan · Published 2024-07-18 · Updated 2024-08-07 · CVE-2024-35198

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

TorchServe versions prior to 0.11.0

Description

The issue concerns TorchServe's check on the `allowed_urls` configuration, which can be bypassed if the URL contains characters such as "..". This allows a model to be downloaded into the model store, and once downloaded, it can be referenced without providing a URL a second time, effectively bypassing the `allowed_urls` security check. Customers using PyTorch inference Deep Learning Containers (DLC) through Amazon SageMaker and EKS are not affected.

Recommendations

For versions prior to 0.11.0, upgrade to TorchServe release 0.11.0 to address this issue. As a temporary workaround, consider validating the URL without characters such as ".." before downloading to prevent bypassing the `allowed_urls` security check. However, it is advised to upgrade to the fixed version as there are no known workarounds for this issue.
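
The temporary workaround described above (refusing URLs that contain ".." before download), as an added example that is not TorchServe's own code. The function names, the host and the allow-list pattern are assumptions constructed for illustration, and the check goes slightly beyond the text by percent-decoding the URL before looking for "..".

```python
import re
from urllib.parse import unquote

# Constructed allow-list for illustration (hypothetical host and path).
ALLOWED_URL_PATTERNS = [r"https://models\.example\.com/approved/.*"]


def matches_allow_list(url, patterns=ALLOWED_URL_PATTERNS):
    """Pattern check alone: the kind of check a '..' in the URL can slip past."""
    return any(re.fullmatch(p, url) for p in patterns)


def fully_decoded(url):
    """Percent-decode until stable so %2e%2e and %252e%252e both become '..'."""
    previous = None
    while previous != url:
        previous, url = url, unquote(url)
    return url


def has_traversal(url):
    """Conservative: any '..' or backslash after decoding is rejected.
    This also refuses harmless names such as 'a..b.mar'."""
    decoded = fully_decoded(url)
    return ".." in decoded or "\\" in decoded


def is_url_allowed(url, patterns=ALLOWED_URL_PATTERNS):
    """Reject traversal first, then apply the allow-list patterns."""
    return not has_traversal(url) and matches_allow_list(url, patterns)


if __name__ == "__main__":
    # Constructed sample URLs.
    for candidate in (
        "https://models.example.com/approved/resnet-18.mar",
        "https://models.example.com/approved/../other/model.mar",
        "https://models.example.com/approved/%2e%2e/other/model.mar",
    ):
        print(candidate, "->", "allow" if is_url_allowed(candidate) else "reject")
```

Run such a check before the model registration request reaches TorchServe; it does not replace upgrading to 0.11.0.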

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2024-35198
GHSA-WXCX-GG9C-FWP2

Affected Products

Torchserve