0.002 Low
EPSS
Percentile
61.4%
torch is vulnerable to arbitrary code execution. The vulnerability is due to improper validation of input during eval() in annotations.py which allows an attacker to take over an existing account and execute malicious code into the system.
eval()
annotations.py
github.com/advisories/GHSA-47fc-vmwq-366v
github.com/pytorch/pytorch/commit/767f6aa49fe20a2766b9843d01e3b7f7793df6a3
github.com/pytorch/pytorch/issues/88868
github.com/pytorch/pytorch/issues/89855
github.com/pytorch/pytorch/pull/89189