How severe is CVE-2024-6577?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2024-6577?

This is classified as CWE-840, which is a common weakness in software security.

CVE-2024-6577

MEDIUM Year: 2024

CVSS v3 Score

6.3

Medium

Weakness Type

CWE-840

View all →

Vulnerability Description

In the latest version of pytorch/serve, the script 'upload_results_to_s3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring its ownership or confirming its accessibility. This could lead to potential security vulnerabilities or unauthorized access to the bucket if it is not properly secured or claimed by the appropriate entity. The issue may result in data breaches, exposure of proprietary information, or unauthorized modifications to stored data.

CVE-2025-2321

MEDIUM

CVSS:6.3(Medium)

A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this issue is some unknown functionality of the file /api/mjkj-chat/cgform-api/addData/...

CWE-8402025

CVE-2021-22922

MEDIUM

CVSS:6.5(Medium)

When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to g...

CWE-8402021

CVE-2021-36012

MEDIUM

CVSS:6.5(Medium)

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a business logic error in the placeOrder graphql mutation. An authenticated attacker can l...

CWE-8402021