torch@2.4.1 vulnerabilities

Tensors and Dynamic neural networks in Python with strong GPU acceleration

latest version

2.4.1
first published

6 years ago
latest version published

14 days ago
licenses detected
- BSD-3-Clause
  [0,)
View torch package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the torch package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Arbitrary Command Injection torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Arbitrary Command Injection through the `torch.distributed.rpc` framework due to missing function validation during RPC calls. An attacker can execute arbitrary commands by leveraging built-in Python functions such as `eval` during multi-CPU RPC communication. How to fix Arbitrary Command Injection? There is no fixed version for `torch`.	[0,)

Arbitrary Command Injection

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Arbitrary Command Injection through the torch.distributed.rpc framework due to missing function validation during RPC calls. An attacker can execute arbitrary commands by leveraging built-in Python functions such as eval during multi-CPU RPC communication.

How to fix Arbitrary Command Injection?

There is no fixed version for torch.

[0,)

Go back to all versions of this package

torch@2.4.1 vulnerabilities

Tensors and Dynamic neural networks in Python with strong GPU acceleration

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities