CVE-2024-6577

NONE EPSS 28.1%
Published Mar 20, 20251y ago · Modified Jun 17, 20262w ago
Find Similar
Published Mar 20, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the latest version of pytorch/serve, the script 'upload_results_to_s3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring its ownership or confirming its accessibility. This could lead to potential security vulnerabilities or unauthorized access to the bucket if it is not properly secured or claimed by the appropriate entity. The issue may result in data breaches, exposure of proprietary information, or unauthorized modifications to stored data.

Threat Intelligence

EPSS Exploit Probability
28.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-840

References 1

  • huntr.com https://huntr.com/bounties/20917570-8328-428f-bd1d-4fcd71fb2359

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.