Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unclaimed S3 Bucket Usage in pytorch/serve
Vulnerability Description
In the latest version of pytorch/serve, the script 'upload_results_to_s3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring its ownership or confirming its accessibility. This could lead to potential security vulnerabilities or unauthorized access to the bucket if it is not properly secured or claimed by the appropriate entity. The issue may result in data breaches, exposure of proprietary information, or unauthorized modifications to stored data.
CVSS Information
N/A
Vulnerability Type
业务逻辑错误
Vulnerability Title
PyTorch 安全漏洞
Vulnerability Description
PyTorch是PyTorch开源的一个 Python 包。 PyTorch存在安全漏洞,该漏洞源于upload_results_to_s3.sh脚本未确保S3桶所有权,可能导致数据泄露或未授权访问。
CVSS Information
N/A
Vulnerability Type
N/A