AZL-60500 CVE-2025-3730 affecting package pytorch for versions less than 2.2.2-6

🗓️ 16 Apr 2025 21:15:48Reported by GoogleType

osv

osv🔗 osv.dev👁 1 Views

Local denial of service in PyTorch 2.6.0 via ctc_loss; patch for older versions needed.

Reporter	Title	Published	Views	Family All 37
IBM Security Bulletins	Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch	29 Oct 202510:55	–	ibm
IBM Security Bulletins	Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1_x86_64.whl	20 Sep 202511:38	–	ibm
IBM Security Bulletins	Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1_x86_64.whl	22 Oct 202511:02	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Resource Shutdown or Release in PyTorch [CVE-2025-3730]	17 Dec 202514:20	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM watsonx Code Assistant On Prem	22 Jul 202512:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer.	9 May 202509:05	–	ibm
Tenable Nessus	Azure Linux 3.0 Security Update: pytorch (CVE-2025-3730)	6 May 202500:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: pytorch (CVE-2025-3730)	6 May 202500:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2025-3730	30 Aug 202500:00	–	nessus
CBLMariner	CVE-2025-3730 affecting package pytorch for versions less than 2.2.2-6	24 Apr 202515:08	–	cbl_mariner

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-3730

21 Apr 2026 04:37Current

5.3Medium risk

Vulners AI Score5.3

CVSS 3.15.5

EPSS0.00017

pytorch ctc loss local denial older versions patch hash