Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:19 a.m.7 views

CVE-2022-45907

In PyTorch before trunk/89695, torch.jit.annotations.parsetypeline can cause arbitrary code execution because eval is used unsafely...

9.8CVSS7.6AI score0.01192EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2022-45907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PyTorch before trunk/89695, torch.jit.annotations.parsetypeline can cause arbitrary code execution because eval is used unsafely. CVE-2022-45907 Note that...

9.8CVSS7.1AI score0.01192EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/28 7:47 p.m.36 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution in PyTorch [CVE-2022-45907]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution in PyTorch, a flaw in the orch.jit.annotations.parsetypeline function. CVE-2022-45907. PyTorch is included as part of our speech service runtimes. This vulnerabilitiy has been...

9.8CVSS9.6AI score0.01192EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/17 7:0 p.m.43 views

Security Bulletin: PyTorch is vulnerable to CVE-2022-45907 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses PyTorch which is vulnerable to CVE-2022-21271. Vulnerability Details CVEID:CVE-2022-45907 DESCRIPTION: PyTorch could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the...

9.8CVSS6.3AI score0.02789EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/08 7:34 p.m.64 views

Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. Angular is part of the .NET RHEL infrastructure CVE-2021-4231. Apache UIMA is used by IBM Robotic Process Automation as part of Watson NLP CVE-2022-32287. SnakeYaml is used by IBM Robotic Process...

9.8CVSS8.8AI score0.99615EPSS
Exploits8Affected Software1
vulnersOsv
vulnersOsv
added 2022/11/26 2:15 a.m.5 views

3d-rcnet (>=0.1.0 <=0.2.3), 4996 (>=0.1.0 <=0.1.1) +602 more potentially affected by CVE-2022-45907 via torch (>=1.0.0 <=1.13.0)

torch PYPI version =1.0.0, =0.1.0, =0.1.0, =0.3.6, =0.4.0, =0.0.1, =1.0.0, =0.0.1, =0.7.0, =0.1.0, =0.0.9, =1.0.0, =1.1.0 and more Source cves: CVE-2022-45907 Source advisory: OSV:PYSEC-2022-43015...

9.8CVSS6.7AI score0.01192EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2022/11/26 12:0 a.m.9 views

CVE-2022-45907

In PyTorch before trunk/89695, torch.jit.annotations.parsetypeline can cause arbitrary code execution because eval is used unsafely...

8AI score0.01192EPSS
Exploits1References2
CVE
CVE
added 2022/11/26 12:0 a.m.115 views

CVE-2022-45907

CVE-2022-45907 is a PyTorch vulnerability where torch.jit.annotations.parse_type_line uses eval unsafely, enabling arbitrary code execution. Documented impact is high (CRITICAL, CVSS 3.1/3.0 vectors with 9.8 base score). Affected IBM products include Watson Studio for Cloud Pak for Data (versions...

9.8CVSS9.6AI score0.01192EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder