2 matches found
CVE-2025-62609
MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a segmentation fault in mlx::core::loadgguf when loading malicious GGUF files. Untrusted pointer from external gguflib library is dereferenced without validation, causing application crash. This iss...
aggressor (=0.0.1a0), cartesia-mlx (=0.0.2) +13 more potentially affected by CVE-2025-62609 via mlx (>=0.0.4 <=0.29.2)
mlx PYPI version =0.0.4, =0.0.1, =0.6.0, =0.1.9, =0.4.2, =1.2.0, =0.0.0, =0.0.27, =0.0.1, =0.0.3a0 Source cves: CVE-2025-62609 Source advisory: OSV:GHSA-J842-XGM4-WF88...