Latest version: v0.12.0
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2023-48299 | 65345 |
TorchServe is a tool for serving and scaling PyTorch models in produc… |
|
MEDIUM | 5.3 |
| CVE-2022-25647 | 52398 |
Torchserve 0.6.1 updates its MAVEN dependency 'gson' to v2.9.0 to inc… |
|
HIGH | 7.5 |
| CVE-2022-22815 | 48563 |
Torchserve 0.5.3 updates its dependency 'pillow' to v9.0.0 to include… |
|
MEDIUM | 6.5 |
| CVE-2022-22816 | 48564 |
Torchserve 0.5.3 updates its dependency 'pillow' to v9.0.0 to include… |
|
MEDIUM | 6.5 |
| CVE-2021-23437 | 48553 |
Torchserve 0.5.3 updates its dependency 'pillow' to v9.0.0 to include… |
|
HIGH | 7.5 |
| CVE-2021-34552 | 48562 |
Torchserve 0.5.3 updates its dependency 'pillow' to v9.0.0 to include… |
|
CRITICAL | 9.8 |
| PVE-2022-44524 | 48566 |
Torchserve 0.5.3 updates its dependency 'pillow' to v9.0.0 to include… |
|
HIDDEN | X.Y |
| PVE-2021-44525 | 48565 |
Torchserve 0.5.3 updates its dependency 'pillow' to v9.0.0 to include… |
|
HIDDEN | X.Y |
| CVE-2021-45105 | 43735 |
Torchserve 0.5.2 updates its dependency 'log4j2' to v2.17.0 to fix a … |
|
MEDIUM | 5.9 |
| CVE-2021-44832 | 44463 |
Torchserve 0.5.2 includes a version of'log4j2' affected by a medium s… |
|
MEDIUM | 6.6 |
| CVE-2021-44228 | 43736 |
Torchserve 0.5.1 updates its dependency 'log4j' to v2.16.0 to include… |
|
CRITICAL | 10.0 |
| CVE-2021-45046 | 43744 |
Torchserve 0.5.1 updates its dependency 'log4j2' to v2.16.0 to fix cr… |
|
CRITICAL | 9.0 |
| PVE-2024-68053 | 68053 |
Certain versions of TorchServe are susceptible to an OS Command Injec… |
|
- | X.Y |
| CVE-2024-35199 | 72280 |
In affected versions, the two gRPC ports 7070 and 7071, are not bound… |
|
- | - |
| CVE-2024-35198 | 72281 |
TorchServe 's check on allowed_urls configuration can be bypassed if … |
|
- | - |
| CVE-2023-43654 | 65346 |
TorchServe is a tool for serving and scaling PyTorch models in produc… |
|
CRITICAL | 9.8 |