7 matches found
CVE-2025-65213
MooreThreads torchmusa through all versions contains an unsafe deserialization vulnerability in torchmusa.utils.comparetool. The compareforsingleop and naninftrackforsingleop functions use pickle.load on user-controlled file paths without validation, allowing arbitrary code execution. An attacker...
EUVD-2025-203406
MooreThreads torchmusa through all versions contains an unsafe deserialization vulnerability in torchmusa.utils.comparetool. The compareforsingleop and naninftrackforsingleop functions use pickle.load on user-controlled file paths without validation, allowing arbitrary code execution. An attacker...
CVE-2025-65213
MooreThreads torchmusa through all versions contains an unsafe deserialization vulnerability in torchmusa.utils.comparetool. The compareforsingleop and naninftrackforsingleop functions use pickle.load on user-controlled file paths without validation, allowing arbitrary code execution. An attacker...
CVE-2025-65213
MooreThreads torchmusa through all versions contains an unsafe deserialization vulnerability in torchmusa.utils.comparetool. The compareforsingleop and naninftrackforsingleop functions use pickle.load on user-controlled file paths without validation, allowing arbitrary code execution. An attacker...
PT-2025-51275
Name of the Vulnerable Software and Affected Versions MooreThreads torch musa affected versions not specified Description MooreThreads torch musa contains an unsafe deserialization issue within the torch musa.utils.compare tool module. The compare for single op and nan inf track for single op...
CVE-2025-65213
MooreThreads torchmusa through all versions contains an unsafe deserialization vulnerability in torchmusa.utils.comparetool. The compareforsingleop and naninftrackforsingleop functions use pickle.load on user-controlled file paths without validation, allowing arbitrary code execution. An attacker...
CVE-2025-65213
MooreThreads torch_musa is affected. The vulnerability resides in the function compare_for_single_op() / nan_inf_track_for_single_op() in torch_musa.utils.compare_tool , which uses pickle.load() on user-controlled file paths without validation, enabling remote code execution with the victim proce...