Pytorch
by Pytorch
Source repositories
CVEs (32)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-3121 | 0.00 | — | 0.00 | Apr 2, 2025 | A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public… | |||
| CVE-2025-3001 | 0.00 | — | 0.00 | Mar 31, 2025 | A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | |||
| CVE-2025-3000 | 0.00 | — | 0.00 | Mar 31, 2025 | A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | |||
| CVE-2025-2999 | 0.00 | — | 0.00 | Mar 31, 2025 | A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpack_sequence. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and… | |||
| CVE-2025-2998 | 0.00 | — | 0.00 | Mar 31, 2025 | A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.pad_packed_sequence. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has… | |||
| CVE-2025-2953 | 0.00 | — | 0.00 | Mar 30, 2025 | A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnn_max_pool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the… | |||
| CVE-2025-2149 | 0.00 | — | 0.00 | Mar 10, 2025 | A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnq_Sigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zero_point leads to improper initialization. The attack needs… | |||
| CVE-2025-2148 | 0.00 | — | 0.00 | Mar 10, 2025 | A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler._call_end_callbacks_on_jit_fut of the component Tuple Handler. The manipulation of the argument None leads to memory corruption.… | |||
| CVE-2024-31584 | 0.00 | — | 0.00 | Apr 19, 2024 | Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbuffer_loader.cpp. | |||
| CVE-2024-31580 | 0.00 | — | 0.00 | Apr 17, 2024 | PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||
| CVE-2024-31583 | 0.00 | — | 0.00 | Apr 17, 2024 | Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp. | |||
| CVE-2022-45907 | 0.00 | — | 0.01 | Nov 26, 2022 | In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely. |
- CVE-2025-3121Apr 2, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public…
- CVE-2025-3001Mar 31, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
- CVE-2025-3000Mar 31, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
- CVE-2025-2999Mar 31, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpack_sequence. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and…
- CVE-2025-2998Mar 31, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.pad_packed_sequence. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has…
- CVE-2025-2953Mar 30, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnn_max_pool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the…
- CVE-2025-2149Mar 10, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnq_Sigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zero_point leads to improper initialization. The attack needs…
- CVE-2025-2148Mar 10, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler._call_end_callbacks_on_jit_fut of the component Tuple Handler. The manipulation of the argument None leads to memory corruption.…
- CVE-2024-31584Apr 19, 2024risk 0.00cvss —epss 0.00
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbuffer_loader.cpp.
- CVE-2024-31580Apr 17, 2024risk 0.00cvss —epss 0.00
PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2024-31583Apr 17, 2024risk 0.00cvss —epss 0.00
Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp.
- CVE-2022-45907Nov 26, 2022risk 0.00cvss —epss 0.01
In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely.
Page 2 of 2