CVE-2025-5197

A Regular Expression Denial of Service ReDoS vulnerability exists in the Hugging Face Transformers library, specifically in the converttfweightnametoptweightname function. This function, responsible for converting TensorFlow weight names to PyTorch format, uses a regex pattern /^/^// that can be...

CVE-2025-5197 Regular Expression Denial of Service (ReDoS) in huggingface/transformers

A Regular Expression Denial of Service ReDoS vulnerability exists in the Hugging Face Transformers library, specifically in the converttfweightnametoptweightname function. This function, responsible for converting TensorFlow weight names to PyTorch format, uses a regex pattern /^/^// that can be...

CVE-2025-5197

The CVE-2025-5197 ReDoS vulnerability affects Hugging Face Transformers in the convert_tf_weight_name_to_pt_weight_name() function, where the regex /[^/]___([^/] )/ can cause excessive CPU usage via catastrophic backtracking. Affected versions: up to 4.51.3, with a fix in 4.53.0. Practical impact...

PT-2025-32158 · Hugging Face · Huggingface/Transformers

Name of the Vulnerable Software and Affected Versions: Hugging Face Transformers versions up to 4.51.3 Description: A Regular Expression Denial of Service ReDoS vulnerability exists in the convert tf weight name to pt weight name function of the Hugging Face Transformers library. This function,...

AZL-65658 CVE-2025-51480 affecting package pytorch 2.2.2-12

Path Traversal vulnerability in onnx.externaldatahelper.saveexternaldata in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted externaldata.location paths containing traversal sequences, bypassing intended directory restrictions...

AZL-65661 CVE-2025-51480 affecting package pytorch 2.0.0-14

Path Traversal vulnerability in onnx.externaldatahelper.saveexternaldata in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted externaldata.location paths containing traversal sequences, bypassing intended directory restrictions...

Security Bulletin: Multiple Vulnerabilities in IBM watsonx Code Assistant On Prem

Summary Multiple vulnerabilities were addressed in IBM watsonx Code Assistant On Prem V5.1.3 Vulnerability Details CVEID:CVE-2025-3136 DESCRIPTION: A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function...

CompLeak: Deep Learning Model Compression Exacerbates Privacy Leakage

Model compression is crucial for minimizing memory storage and accelerating inference in deep learning DL models, including recent foundation models like large language models LLMs. Users can access different compressed model versions according to their resources and budget. However, while existi...

BIT-PYTORCH-2024-48063

In PyTorch =2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing...

From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains

Executive summary Recent threat research highlights a growing risk in the Python and machine learning ML ecosystem: the exploitation of serialized model files, specifically those using Python’s pickle module. While commonly used for saving and loading ML models, pickle files can execute arbitrary...

Azure Linux 3.0 Security Update: pytorch (CVE-2025-2953)

The version of pytorch installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2953 advisory. - A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by thi...

executorch 安全漏洞

executorch is a PyTorch deployment tool from pytorch open source. A security vulnerability exists in executorch that stems from a heap buffer overflow when loading ExecuTorch methods, which could lead to code execution...

CBL Mariner 2.0 Security Update: pytorch (CVE-2025-2953)

The version of pytorch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2953 advisory. - A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by thi...

CVE-2025-2953 affecting package pytorch for versions less than 2.0.0-9

CVE-2025-2953 affecting package pytorch for versions less than 2.0.0-9. A patched version of the package is available...

PT-2025-38137

Name of the Vulnerable Software and Affected Versions mmaitre314 picklescan versions up to and including 0.0.30 Description An Improper Input Validation vulnerability exists in the scanning logic of picklescan. This flaw allows a remote attacker to bypass pickle files security checks by supplying...

NVIDIA Megatron-LM 代码注入漏洞

NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. NVIDIA Megatron-LM suffers from a code injection vulnerability that stems from a python component that could allow an attacker to perform code injection...

BIT-PYTORCH-2024-31583

Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp...

BIT-PYTORCH-2024-31580

PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/varargfunctions.cpp. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

编号撤回

update is a library from Aaron's personal developer. serve is a PyTorch open source application for provisioning, optimizing, and scaling PyTorch models in production. This CVE number has been withdrawn...

BIT-PYTORCH-2024-31584

Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbufferloader.cpp...