from 0, < 2.6.0
CRITICAL9.8CVE-2024-48063In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. from 0, < 2.5.0
CRITICAL9.8CVE-2022-45907PyTorch vulnerable to arbitrary code execution from 0, < 1.13.1
HIGH8.8PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files
from 0, < 2.10.0
HIGH7.8PyTorch pt2 Loading deserialization
>= 2.10.0, < 2.11.0
HIGH7.8Pytorch use-after-free vulnerability
from 0, < 2.2.1
HIGH7.5An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor…
from 0, < 2.7.1
HIGH7.5A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tens…
from 0, < 2.7.1
HIGH7.5A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading to a Denial of Ser…
from 0, < 2.7.1
HIGH7.5A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service (DoS).
from 0, < 2.7.1
HIGH7.5pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together.
from 0, < 2.9.0
HIGH7.5An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice ope…
from 0, < 2.9.0
HIGH7.5PyTorch Tuple Handler is Vulnerable to Memory Corruption through Manipulation of None Argument
>= 2.6.0, < 2.7.0
HIGH7.5PyTorch heap buffer overflow vulnerability
from 0, < 2.2.1
MEDIUM5.5PyTorch torch.jit.jit_module_from_flatbuffer memory corruption
>= 2.6.0, < 2.7.0
MEDIUM5.5Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbuffer_loader.cpp.
from 0, < 2.2.1
MEDIUM5.3pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long().
from 0, < 2.9.0
MEDIUM5.3PyTorch before 3.7.0 has a bernoulli_p decompose function in decompositions.py even though it lacks full consistency with the eager CPU imp…
>= 2.6.0, < 2.7.0
MEDIUM5.3In PyTorch before 2.7.0, bitwise_right_shift produces incorrect output for certain out-of-bounds values of the "other" argument.
>= 2.6.0, < 2.7.0
MEDIUM5.3In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results.
>= 2.6.0, < 2.7.0
MEDIUM5.3In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error.
>= 2.6.0, < 2.7.0
MEDIUM5.3In PyTorch through 2.6.0, when eager is used, nn.PairwiseDistance(p=2) produces incorrect results.
from 0, < 2.7.0
MEDIUM5.3PyTorch is vulnerable to memory corruption through its torch.lstm_cell function
>= 2.6.0, < 2.7.0
MEDIUM5.3PyTorch is vulnerable to memory corruption through its torch.jit.script function
>= 2.6.0, < 2.7.0
MEDIUM5.3PyTorch is vulnerable to memory corruption through its unpack_sequence function
>= 2.6.0, < 2.7.0
MEDIUM5.3PyTorch is Vulnerable to Memory Consumption through pad_packed_sequence Function
>= 2.6.0, < 2.7.0
LOW3.3An issue was discovered in PyTorch v2.5 and v2.7.1.
>= 2.5.0, < 2.5.1, >= 2.7.1, < 2.8.0
LOW3.3PyTorch Improper Resource Shutdown or Release vulnerability
>= 2.6.0, < 2.7.0
LOW3.3PyTorch susceptible to local Denial of Service
>= 2.6.0, < 2.7.0
LOW2.5PyTorch: Manipulation of the argument scale/zero_point leads to improper initialization via Quantized Sigmoid Module
>= 2.6.0, < 2.7.0
—PyTorch CUDACachingAllocator.cpp torch.cuda.memory.caching_allocator_delete memory corruption
>= 2.6.0, < 2.7.0