5.3

CVE-2025-46153

PyTorch before 3.7.0 has a bernoulli_p decompose function in decompositions.py even though it lacks full consistency with the eager CPU implementation, negatively affecting nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d for fallback_random=True.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxfoundationPytorch Update- SwPlatformpython Version >= 2.6.0 < 2.7.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.39% 0.307
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE-1176 Inefficient CPU Computation

The product performs CPU computations using algorithms that are not as efficient as they could be for the needs of the developer, i.e., the computations can be optimized further.

https://gist.github.com/shaoyuyoung/4bcefba4004f8271e64b5185c95a248a
Third Party Advisory
https://gist.github.com/shaoyuyoung/e636f2e7a306105b7e96809e2b85c28a
Third Party Advisory
https://github.com/pytorch/pytorch/compare/v2.6.0...v2.7.0
Product
https://github.com/pytorch/pytorch/issues/142853
Issue Tracking
https://github.com/pytorch/pytorch/pull/143460
Patch
Issue Tracking