CVE-2022-45907

Published: 26 November 2022

In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely.

Priority

CVSS 3 base score: 9.8

Status

Package	Release	Status
pytorch Launchpad, Ubuntu, Debian	bionic	Does not exist
	focal	Does not exist
	jammy	Needs triage
	kinetic	Does not exist
	trusty	Ignored (out of standard support)
	upstream	Needs triage
	xenial	Ignored (out of standard support)

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.