CVE-2024-6577
NONE EPSS 28.1%
Published Mar 20, 20251y ago · Modified Jun 17, 20262w ago
Published Mar 20, 2025 1y ago
Last Modified Jun 17, 2026 2w ago
Description
In the latest version of pytorch/serve, the script 'upload_results_to_s3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring its ownership or confirming its accessibility. This could lead to potential security vulnerabilities or unauthorized access to the bucket if it is not properly secured or claimed by the appropriate entity. The issue may result in data breaches, exposure of proprietary information, or unauthorized modifications to stored data.
Threat Intelligence
EPSS Exploit Probability
28.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-840
References 1
- huntr.com https://huntr.com/bounties/20917570-8328-428f-bd1d-4fcd71fb2359
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.