CVE-2024-48063
- EPSS 15.46%
- Veröffentlicht 29.10.2024 21:15:04
- Zuletzt bearbeitet 16.07.2025 00:25:40
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing.
CVE-2024-31584
- EPSS 0.08%
- Veröffentlicht 19.04.2024 21:15:08
- Zuletzt bearbeitet 03.06.2025 14:04:04
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbuffer_loader.cpp.
CVE-2024-31583
- EPSS 0.06%
- Veröffentlicht 17.04.2024 19:15:07
- Zuletzt bearbeitet 10.06.2025 01:33:43
Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp.
- EPSS 0.02%
- Veröffentlicht 17.04.2024 19:15:07
- Zuletzt bearbeitet 10.06.2025 17:38:16
PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2022-45907
- EPSS 0.16%
- Veröffentlicht 26.11.2022 02:15:10
- Zuletzt bearbeitet 25.04.2025 20:15:37
In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely.