back to article Trio of TorchServe flaws means PyTorch users need an urgent upgrade

A trio of now-patched security issues in TorchServe, an open-source tool for scaling PyTorch machine-learning models in production, could lead to server takeover and remote code execution (RCE), according to security researchers. The three CVEs, collectively dubbed ShellTorch, rendered "tens of thousands of exposed instances" …

  1. sitta_europea Silver badge

    "...the first issue is due to the interface being bound to the IP address 0.0.0.0 by default..."

    Crikey.

    If they'd do that, they'd do *anything*.

    Avoid.

    1. Youngone

      Why? What's wrong with using IP address 0.0.0.0? I use it on all my machines. For security of course.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like