Lucene search
GoogleOSV:PYSEC-2022-43015HistoryNov 26, 2022 - 2:15 a.m.
PYSEC-2022-43015
2022-11-2602:15:00
Google
osv.dev
9
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
61.1%
In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely.
Related
ibm
ibm
Security Bulletin: PyTorch vulnerability affects IBM Watson Machine Learning in Cloud Pak for Data [CVE-2022-45907]
2024-01-03 07:16:03
cvelist
cvelist
CVE-2022-45907
2022-11-26 00:00:00
osv
osv
BIT-pytorch-2022-45907
2024-03-06 11:02:51
CVE-2022-45907
2022-11-26 02:15:10
PyTorch vulnerable to arbitrary code execution
2022-11-26 03:30:27
prion
prion
Code injection
2022-11-26 02:15:00
nvd
nvd
CVE-2022-45907
2022-11-26 02:15:10
cve
cve
CVE-2022-45907
2022-11-26 02:15:10
debiancve
debiancve
CVE-2022-45907
2022-11-26 02:15:10
github
github
PyTorch vulnerable to arbitrary code execution
2022-11-26 03:30:27
veracode
veracode
Arbitrary Code Execution
2022-12-05 05:12:43
ubuntucve
ubuntucve
CVE-2022-45907
2022-11-26 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
61.1%
Related for OSV:PYSEC-2022-43015