Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:pytorch:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Pytorch (d7909c80-f852-5bb9-b4c3-425a44329af9) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-4538 |
vulnerable | 2026-06-08 08:05:13.502567 |
PyTorch pt2 Loading deserialization
MEDIUM (5.3)
A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The project was informed of the problem early through a pull request but has not reacted yet.
Published: 2026-03-22T04:20:28.356Z
Updated: 2026-03-23T16:21:46.022Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-4287 |
vulnerable | 2026-06-08 07:29:15.979240 |
PyTorch nccl.py torch.cuda.nccl.reduce denial of service
LOW (3.3)
A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function torch.cuda.nccl.reduce of the file torch/cuda/nccl.py. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The patch is identified as 5827d2061dcb4acd05ac5f8e65d8693a481ba0f5. It is recommended to apply a patch to fix this issue.
Published: 2025-05-05T20:00:11.130Z
Updated: 2025-05-06T13:45:53.787Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3730 |
vulnerable | 2026-06-08 07:23:09.730484 |
PyTorch LossCTC.cpp torch.nn.functional.ctc_loss denial of service
LOW (3.3)
A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctc_loss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The name of the patch is 46fc5d8e360127361211cb237d5f9eef0223e567. It is recommended to apply a patch to fix this issue. The security policy of the project warns to use unknown models which might establish malicious effects.
Published: 2025-04-16T21:00:17.836Z
Updated: 2025-05-22T21:39:19.138Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3136 |
vulnerable | 2026-06-08 07:23:08.237276 |
PyTorch CUDACachingAllocator.cpp torch.cuda.memory.caching_allocator_delete memory corruption
LOW (3.3)
A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Published: 2025-04-03T03:31:05.598Z
Updated: 2025-04-03T13:31:31.510Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3121 |
vulnerable | 2026-06-08 07:23:08.176629 |
PyTorch torch.jit.jit_module_from_flatbuffer memory corruption
LOW (3.3)
A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
Published: 2025-04-02T22:00:12.390Z
Updated: 2025-04-03T19:26:25.202Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3001 |
vulnerable | 2026-06-08 07:23:07.774022 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3000 |
vulnerable | 2026-06-08 07:23:07.772288 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2999 |
vulnerable | 2026-06-08 07:16:58.809684 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2998 |
vulnerable | 2026-06-08 07:16:58.807730 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2953 |
vulnerable | 2026-06-08 07:16:58.733703 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2149 |
vulnerable | 2026-06-08 07:14:58.175191 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2148 |
vulnerable | 2026-06-08 07:14:58.173941 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.