Vulnerabilities

 34 via 66 paths

Dependencies

 19

Source

 GitHub

Find, fix and prevent vulnerabilities in your code.

Test and protect my applications
Severity
  • 2
  • 7
  • 15
  • 10
Status
  • 34
  • 0
  • 0

critical severity

Command Injection

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@1.13.1.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Command Injection in torch.jit.annotations.parse_type_line which can cause arbitrary code execution because eval is used unsafely.

Remediation

Upgrade torch to version 1.13.1 or higher.

References

Command Injection vulnerability report

critical severity

Deserialization of Untrusted Data

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.6.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Deserialization of Untrusted Data when using the torch.load() function on an untrusted model with weights_only=True, which is documented to be secure. (The documentation does note that "Loading un-trusted checkpoint with weights_only=False MUST never be done.") An attacker can cause the contents of a malicious .tar file to be loaded and executed by forcing the use of the legacy_load() function.

Details

Serialization is a process of converting an object into a sequence of bytes which can be persisted to a disk or database or can be sent through streams. The reverse process of creating object from sequence of bytes is called deserialization. Serialization is commonly used for communication (sharing objects between multiple hosts) and persistence (store the object state in a file or a database). It is an integral part of popular protocols like Remote Method Invocation (RMI), Java Management Extension (JMX), Java Messaging System (JMS), Action Message Format (AMF), Java Server Faces (JSF) ViewState, etc.

Deserialization of untrusted data (CWE-502) is when the application deserializes untrusted data without sufficiently verifying that the resulting data will be valid, thus allowing the attacker to control the state or the flow of the execution.

Remediation

Upgrade torch to version 2.6.0 or higher.

References

Deserialization of Untrusted Data vulnerability report

high severity

Deserialization of Untrusted Data

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.10.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the load_state_dict() function, used during unpickling. An attacker can corrupt heap memory by convincing a user to load a malicious checkpoint (.pth) file with torch.load(), when weights_only=True. This can trigger a crash by corrupting opcodes, which may be exploitable to enable code execution.

Details

Serialization is a process of converting an object into a sequence of bytes which can be persisted to a disk or database or can be sent through streams. The reverse process of creating object from sequence of bytes is called deserialization. Serialization is commonly used for communication (sharing objects between multiple hosts) and persistence (store the object state in a file or a database). It is an integral part of popular protocols like Remote Method Invocation (RMI), Java Management Extension (JMX), Java Messaging System (JMS), Action Message Format (AMF), Java Server Faces (JSF) ViewState, etc.

Deserialization of untrusted data (CWE-502) is when the application deserializes untrusted data without sufficiently verifying that the resulting data will be valid, thus allowing the attacker to control the state or the flow of the execution.

Remediation

Upgrade torch to version 2.10.0 or higher.

References

Deserialization of Untrusted Data vulnerability report

high severity

Deserialization of Untrusted Data

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the .pt2 Loading Handler. An attacker can execute arbitrary code or alter application behavior by providing malicious serialized data and deserializing it with weights_only=True.

Details

Serialization is a process of converting an object into a sequence of bytes which can be persisted to a disk or database or can be sent through streams. The reverse process of creating object from sequence of bytes is called deserialization. Serialization is commonly used for communication (sharing objects between multiple hosts) and persistence (store the object state in a file or a database). It is an integral part of popular protocols like Remote Method Invocation (RMI), Java Management Extension (JMX), Java Messaging System (JMS), Action Message Format (AMF), Java Server Faces (JSF) ViewState, etc.

Deserialization of untrusted data (CWE-502) is when the application deserializes untrusted data without sufficiently verifying that the resulting data will be valid, thus allowing the attacker to control the state or the flow of the execution.

Remediation

There is no fixed version for torch.

References

Deserialization of Untrusted Data vulnerability report

high severity

Heap-based Buffer Overflow

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.2.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the /runtime/vararg_functions.cpp component. An attacker can cause a crash or potentially execute arbitrary code by supplying crafted input.

Remediation

Upgrade torch to version 2.2.0 or higher.

References

Heap-based Buffer Overflow vulnerability report

high severity

Buffer Overflow

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.10.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Buffer Overflow through the pad_packed_sequence function in nn/utils/rnn.py. An attacker can corrupt memory by manipulating the internal state of the function.

Remediation

Upgrade torch to version 2.10.0 or higher.

References

Buffer Overflow vulnerability report

high severity

Use After Free

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.2.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Use After Free due to improper handling of memory in the interpreter.cpp component. An attacker can execute arbitrary code or cause a denial of service.

Remediation

Upgrade torch to version 2.2.0 or higher.

References

Use After Free vulnerability report

high severity

Regular Expression Denial of Service (ReDoS)

  • Vulnerable module: future
  • Introduced through: luminol@0.4

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS luminol@0.4 future@0.16.0

Overview

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via a crafted Set-Cookie HEADER from a malicious web server.

Details

Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.

The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.

Let’s take the following regular expression as an example:

regex = /A(B|C+)+D/

This regular expression accomplishes the following:

  • A The string must start with the letter 'A'
  • (B|C+)+ The string must then follow the letter A with either the letter 'B' or some number of occurrences of the letter 'C' (the + matches one or more times). The + at the end of this section states that we can look for one or more matches of this section.
  • D Finally, we ensure this section of the string ends with a 'D'

The expression would match inputs such as ABBD, ABCCCCD, ABCBCCCD and ACCCCCD

It most cases, it doesn't take very long for a regex engine to find a match:

$ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCD")'
0.04s user 0.01s system 95% cpu 0.052 total

$ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCX")'
1.79s user 0.02s system 99% cpu 1.812 total

The entire process of testing it against a 30 characters long string takes around ~52ms. But when given an invalid string, it takes nearly two seconds to complete the test, over ten times as long as it took to test a valid string. The dramatic difference is due to the way regular expressions get evaluated.

Most Regex engines will work very similarly (with minor differences). The engine will match the first possible way to accept the current character and proceed to the next one. If it then fails to match the next one, it will backtrack and see if there was another way to digest the previous character. If it goes too far down the rabbit hole only to find out the string doesn’t match in the end, and if many characters have multiple valid regex paths, the number of backtracking steps can become very large, resulting in what is known as catastrophic backtracking.

Let's look at how our expression runs into this problem, using a shorter string: "ACCCX". While it seems fairly straightforward, there are still four different ways that the engine could match those three C's:

  1. CCC
  2. CC+C
  3. C+CC
  4. C+C+C.

The engine has to try each of those combinations to see if any of them potentially match against the expression. When you combine that with the other steps the engine must take, we can use RegEx 101 debugger to see the engine has to take a total of 38 steps before it can determine the string doesn't match.

From there, the number of steps the engine must use to validate a string just continues to grow.

String Number of C's Number of steps
ACCCX 3 38
ACCCCX 4 71
ACCCCCX 5 136
ACCCCCCCCCCCCCCX 14 65,553

By the time the string includes 14 C's, the engine has to take over 65,000 steps just to see if the string is valid. These extreme situations can cause them to work very slowly (exponentially related to input size, as shown above), allowing an attacker to exploit this and can cause the service to excessively consume CPU, resulting in a Denial of Service.

Remediation

Upgrade future to version 0.18.3 or higher.

References

Regular Expression Denial of Service (ReDoS) vulnerability report

high severity

Out-of-bounds Read

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.2.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Out-of-bounds Read due to improper validation of user-supplied input in the flatbuffer_loader.cpp component. An attacker can read sensitive information from out-of-bounds memory locations by supplying crafted input.

Remediation

Upgrade torch to version 2.2.0 or higher.

References

Out-of-bounds Read vulnerability report

medium severity

Buffer Overflow

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.10.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Buffer Overflow due to the unpack_sequence function. An attacker can corrupt memory by manipulating the function's input. This is only exploitable if the attacker has local access to the system.

Remediation

Upgrade torch to version 2.10.0 or higher.

References

Buffer Overflow vulnerability report

medium severity

Improper Check for Unusual or Exceptional Conditions

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.8.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the ctc_loss() function in LossCTC.cpp, when running on a CUDA system. An attacker can cause the application to crash by passing in input with empty tensors.

Details

Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

Two common types of DoS vulnerabilities:

  • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

  • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

Remediation

Upgrade torch to version 2.8.0 or higher.

References

Improper Check for Unusual or Exceptional Conditions vulnerability report

medium severity

Improper Resource Shutdown or Release

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Improper Resource Shutdown or Release through the torch.cuda.nccl.reduce function in the file torch/cuda/nccl.py. An attacker can cause the application to crash by manipulating the function inputs on a local host.

Remediation

A fix was pushed into the master branch but not yet published.

References

Improper Resource Shutdown or Release vulnerability report

medium severity

Race Condition

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@1.10.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Race Condition in the torch.jit.annotations.parse_type_line function. This allowes simultaneous reading and writing the set of devices without synchronizing.

Remediation

Upgrade torch to version 1.10.0 or higher.

References

Race Condition vulnerability report

medium severity

Race Condition

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@1.13.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Race Condition in the database management. This occurred due to concurrent access to shared resources without adequate synchronization, causing unpredictable system behavior.

Remediation

Upgrade torch to version 1.13.0 or higher.

References

Race Condition vulnerability report

medium severity

Storage of Sensitive Data in a Mechanism without Access Control

  • Vulnerable module: scikit-learn
  • Introduced through: scikit-learn@0.21.3

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS scikit-learn@0.21.3
    Remediation: Upgrade to scikit-learn@1.5.0.

Overview

scikit-learn is a Python module for machine learning built on top of SciPy and is distributed under the 3-Clause BSD license.

Affected versions of this package are vulnerable to Storage of Sensitive Data in a Mechanism without Access Control due to the unexpected storage of all tokens present in the training data within the stop_words_ attribute. An attacker can access sensitive information, such as passwords or keys, by exploiting this behavior.

PoC

Limiting vocabulary is a very common setting hence provided by the library. The expected behaviour is that the object stores the frequent tokens, and discards the rest after the fitting process. In theory and practice, the vectorizer only needs the vocabulary and the rest of the possible tokens will be simply non needed, hence should be discarded.

While the object correctly forms the required vocabulary, it stores the rest of the tokens in the `stop_words_ attribute. Therefore stores the entire unique tokens that have been passed in the fitting operation. Below it's demonstrated this:

# ╰─$ pip freeze | grep pandas
# pandas==2.2.1
import pandas as pd
# ╰─$ pip freeze | grep scikit-learn
# scikit-learn==1.4.1.post1
from sklearn.feature_extraction.text import TfidfVectorizer

if __name__ == '__main__':
    # Fitting the vectorizer will save every token presented
    vectorizer = TfidfVectorizer(
        max_features=2,
        # min_df=2/6  # Same results occur with different ways of limiting the vocabulary
    ).fit(
        pd.Series([
            "hello", "world", "hello", "world", "secretkey", "password123"
        ])
    )
    # Expected storage for frequent tokens
    print(vectorizer.vocabulary_)  # {'hello': 0, 'server': 1}
    # Unexpected data leak
    print(vectorizer.stop_words_)  # {'password123', 'secretkey'}

It is demonstrated below that the storage in the stop_words_ attribute is unnecessary. Nullifying the attribute will give the same results:

# ╰─$ pip freeze | grep pandas
# pandas==2.2.1
import pandas as pd
# ╰─$ pip freeze | grep scikit-learn
# scikit-learn==1.4.1.post1
from sklearn.feature_extraction.text import TfidfVectorizer

if __name__ == '__main__':
    # Fitting the vectorizer will save every token presented
    vectorizer = TfidfVectorizer(
        max_features=2,
        # min_df=2/6  # Same results occur with different ways of limiting the vocabulary
    ).fit(
        pd.Series([
            "hello", "world", "hello", "world", "secretkey", "password123"
        ])
    )
    # Expected storage for frequent tokens
    print(vectorizer.vocabulary_)  # {'hello': 0, 'server': 1}
    # Unexpected data leak
    print(vectorizer.stop_words_)  # {'password123', 'secretkey'}

    # Wiping-out the stop_words_ attribute does not change the behaviour
    print(vectorizer.transform(["hello world"]).toarray())  # [[0.70710678 0.70710678]]
    vectorizer.stop_words_ = None
    assert vectorizer.stop_words_ is None
    print(vectorizer.transform(["hello world"]).toarray())  # [[0.70710678 0.70710678]]

Remediation

Upgrade scikit-learn to version 1.5.0 or higher.

References

Storage of Sensitive Data in a Mechanism without Access Control vulnerability report

medium severity

Improper Handling of Undefined Values

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.8.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Improper Handling of Undefined Values in the torch.cummin component when compiling a model with Inductor. An attacker can cause the application to crash or become unresponsive by submitting a specially crafted model that triggers a name resolution error during compilation.

Remediation

Upgrade torch to version 2.8.0 or higher.

References

Improper Handling of Undefined Values vulnerability report

medium severity

Improper Validation of Syntactic Correctness of Input

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.8.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the torch.Tensor.random_() function when a model is compiled with Inductor. An attacker can cause the application to crash or become unresponsive by triggering a syntax error.

Remediation

Upgrade torch to version 2.8.0 or higher.

References

Improper Validation of Syntactic Correctness of Input vulnerability report

medium severity

Improper Resource Shutdown or Release

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.7.1.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the torch.mkldnn_max_pool2d function. An attacker can disrupt service by exploiting this vulnerability locally and causing a Floating point exception crash.

PoC

import torch

x = torch.randn(2, 64, 32, 32).to_mkldnn()
out2 = torch.mkldnn_max_pool2d(x, kernel_size=3, stride=0)

Remediation

Upgrade torch to version 2.7.1 or higher.

References

Improper Resource Shutdown or Release vulnerability report

medium severity

Mismatched Memory Management Routines

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Mismatched Memory Management Routines through the torch.cuda.memory.caching_allocator_delete function. An attacker can corrupt memory by manipulating the function locally.

Remediation

There is no fixed version for torch.

References

Mismatched Memory Management Routines vulnerability report

medium severity

Out-of-bounds Write

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Out-of-bounds Write when using @torch.jit.script. An attacker can corrupt memory by manipulating the function's input.

Note: This is only exploitable if the attacker has local access to the system.

Remediation

There is no fixed version for torch.

References

Out-of-bounds Write vulnerability report

medium severity

Out-of-bounds Write

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Out-of-bounds Write due to the torch.lstm_cell function. An attacker can corrupt memory by manipulating the function's input.

Note: This is only exploitable if the attacker has local access to the system.

Remediation

A fix was pushed into the master branch but not yet published.

References

Out-of-bounds Write vulnerability report

medium severity

Out-of-bounds Write

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Out-of-bounds Write through the torch.jit.jit_module_from_flatbuffer function. An attacker can corrupt memory by manipulating the input data to this function.

Remediation

There is no fixed version for torch.

References

Out-of-bounds Write vulnerability report

medium severity

Injection

  • Vulnerable module: tqdm
  • Introduced through: tqdm@4.35.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS tqdm@4.35.0
    Remediation: Upgrade to tqdm@4.66.3.

Overview

Affected versions of this package are vulnerable to Injection due to the handling of optional non-boolean CLI arguments such as --delim, --buf-size, --manpath through python's eval function. An attacker can execute arbitrary code by injecting malicious input into these arguments.

PoC


python -m tqdm --manpath="\" + str(exec(\"import os\nos.system('echo hi && killall python3')\")) + \""

Remediation

Upgrade tqdm to version 4.66.3 or higher.

References

Injection vulnerability report

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the torch.nan_to_num() function when used with .long() to convert float("inf") in eager mode. An attacker can cause unexpected behavior by providing specially crafted input that triggers an integer overflow.

Remediation

There is no fixed version for torch.

References

Integer Overflow or Wraparound vulnerability report

low severity

Buffer Overflow

  • Vulnerable module: numpy
  • Introduced through: numpy@1.16.4, luminol@0.4 and others

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS numpy@1.16.4
    Remediation: Upgrade to numpy@1.22.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS luminol@0.4 numpy@1.16.4
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS matplotlib@3.1.1 numpy@1.16.4
    Remediation: Upgrade to matplotlib@3.1.1.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS pandas@0.25.0 numpy@1.16.4
    Remediation: Upgrade to pandas@2.1.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS scikit-learn@0.21.3 numpy@1.16.4
    Remediation: Upgrade to scikit-learn@1.3.1.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS seaborn@0.9.0 numpy@1.16.4
    Remediation: Upgrade to seaborn@0.12.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0 numpy@1.16.4
    Remediation: Upgrade to torch@1.4.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS seaborn@0.9.0 matplotlib@3.1.1 numpy@1.16.4
    Remediation: Upgrade to seaborn@0.12.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS seaborn@0.9.0 pandas@0.25.0 numpy@1.16.4
    Remediation: Upgrade to seaborn@0.12.0.

Overview

numpy is a fundamental package needed for scientific computing with Python.

Affected versions of this package are vulnerable to Buffer Overflow due to missing boundary checks in the array_from_pyobj function of fortranobject.c. This may allow an attacker to conduct Denial of Service by carefully constructing an array with negative values.

Remediation

Upgrade numpy to version 1.22.0 or higher.

References

Buffer Overflow vulnerability report

low severity

Buffer Overflow

  • Vulnerable module: numpy
  • Introduced through: numpy@1.16.4, luminol@0.4 and others

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS numpy@1.16.4
    Remediation: Upgrade to numpy@1.21.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS luminol@0.4 numpy@1.16.4
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS matplotlib@3.1.1 numpy@1.16.4
    Remediation: Upgrade to matplotlib@3.1.1.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS pandas@0.25.0 numpy@1.16.4
    Remediation: Upgrade to pandas@2.1.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS scikit-learn@0.21.3 numpy@1.16.4
    Remediation: Upgrade to scikit-learn@1.3.1.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS seaborn@0.9.0 numpy@1.16.4
    Remediation: Upgrade to seaborn@0.12.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0 numpy@1.16.4
    Remediation: Upgrade to torch@1.4.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS seaborn@0.9.0 matplotlib@3.1.1 numpy@1.16.4
    Remediation: Upgrade to seaborn@0.12.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS seaborn@0.9.0 pandas@0.25.0 numpy@1.16.4
    Remediation: Upgrade to seaborn@0.12.0.

Overview

numpy is a fundamental package needed for scientific computing with Python.

Affected versions of this package are vulnerable to Buffer Overflow in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code.

Remediation

Upgrade numpy to version 1.21.0rc1 or higher.

References

Buffer Overflow vulnerability report

low severity

Denial of Service (DoS)

  • Vulnerable module: numpy
  • Introduced through: numpy@1.16.4, luminol@0.4 and others

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS numpy@1.16.4
    Remediation: Upgrade to numpy@1.22.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS luminol@0.4 numpy@1.16.4
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS matplotlib@3.1.1 numpy@1.16.4
    Remediation: Upgrade to matplotlib@3.1.1.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS pandas@0.25.0 numpy@1.16.4
    Remediation: Upgrade to pandas@2.1.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS scikit-learn@0.21.3 numpy@1.16.4
    Remediation: Upgrade to scikit-learn@1.3.1.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS seaborn@0.9.0 numpy@1.16.4
    Remediation: Upgrade to seaborn@0.12.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0 numpy@1.16.4
    Remediation: Upgrade to torch@1.4.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS seaborn@0.9.0 matplotlib@3.1.1 numpy@1.16.4
    Remediation: Upgrade to seaborn@0.12.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS seaborn@0.9.0 pandas@0.25.0 numpy@1.16.4
    Remediation: Upgrade to seaborn@0.12.0.

Overview

numpy is a fundamental package needed for scientific computing with Python.

Affected versions of this package are vulnerable to Denial of Service (DoS) due to an incomplete string comparison in the numpy.core component, which may allow attackers to fail the APIs via constructing specific string objects.

Details

Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

Two common types of DoS vulnerabilities:

  • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

  • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

Remediation

Upgrade numpy to version 1.22.0rc1 or higher.

References

Denial of Service (DoS) vulnerability report

low severity

NULL Pointer Dereference

  • Vulnerable module: numpy
  • Introduced through: numpy@1.16.4, luminol@0.4 and others

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS numpy@1.16.4
    Remediation: Upgrade to numpy@1.22.2.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS luminol@0.4 numpy@1.16.4
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS matplotlib@3.1.1 numpy@1.16.4
    Remediation: Upgrade to matplotlib@3.1.1.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS pandas@0.25.0 numpy@1.16.4
    Remediation: Upgrade to pandas@2.1.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS scikit-learn@0.21.3 numpy@1.16.4
    Remediation: Upgrade to scikit-learn@1.3.1.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS seaborn@0.9.0 numpy@1.16.4
    Remediation: Upgrade to seaborn@0.12.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0 numpy@1.16.4
    Remediation: Upgrade to torch@1.4.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS seaborn@0.9.0 matplotlib@3.1.1 numpy@1.16.4
    Remediation: Upgrade to seaborn@0.12.0.
  • Introduced through: pyodds/PyODDS@pyodds/PyODDS seaborn@0.9.0 pandas@0.25.0 numpy@1.16.4
    Remediation: Upgrade to seaborn@0.12.0.

Overview

numpy is a fundamental package needed for scientific computing with Python.

Affected versions of this package are vulnerable to NULL Pointer Dereference due to missing return-value validation in the PyArray_DescrNew function, which may allow attackers to conduct Denial of Service attacks by repetitively creating and sort arrays.

Note: This may likely only happen if application memory is already exhausted, as it requires the newdescr object of the PyArray_DescrNew to evaluate to NULL.

Remediation

Upgrade numpy to version 1.22.2 or higher.

References

NULL Pointer Dereference vulnerability report

low severity

Regular Expression Denial of Service (ReDoS)

  • Vulnerable module: scikit-learn
  • Introduced through: scikit-learn@0.21.3

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS scikit-learn@0.21.3
    Remediation: Upgrade to scikit-learn@0.24.2.

Overview

scikit-learn is a Python module for machine learning built on top of SciPy and is distributed under the 3-Clause BSD license.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the _RE_TYPE_NOMINAL regular expression which is evaluated in _decode_attribute.

Details

Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.

The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.

Let’s take the following regular expression as an example:

regex = /A(B|C+)+D/

This regular expression accomplishes the following:

  • A The string must start with the letter 'A'
  • (B|C+)+ The string must then follow the letter A with either the letter 'B' or some number of occurrences of the letter 'C' (the + matches one or more times). The + at the end of this section states that we can look for one or more matches of this section.
  • D Finally, we ensure this section of the string ends with a 'D'

The expression would match inputs such as ABBD, ABCCCCD, ABCBCCCD and ACCCCCD

It most cases, it doesn't take very long for a regex engine to find a match:

$ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCD")'
0.04s user 0.01s system 95% cpu 0.052 total

$ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCX")'
1.79s user 0.02s system 99% cpu 1.812 total

The entire process of testing it against a 30 characters long string takes around ~52ms. But when given an invalid string, it takes nearly two seconds to complete the test, over ten times as long as it took to test a valid string. The dramatic difference is due to the way regular expressions get evaluated.

Most Regex engines will work very similarly (with minor differences). The engine will match the first possible way to accept the current character and proceed to the next one. If it then fails to match the next one, it will backtrack and see if there was another way to digest the previous character. If it goes too far down the rabbit hole only to find out the string doesn’t match in the end, and if many characters have multiple valid regex paths, the number of backtracking steps can become very large, resulting in what is known as catastrophic backtracking.

Let's look at how our expression runs into this problem, using a shorter string: "ACCCX". While it seems fairly straightforward, there are still four different ways that the engine could match those three C's:

  1. CCC
  2. CC+C
  3. C+CC
  4. C+C+C.

The engine has to try each of those combinations to see if any of them potentially match against the expression. When you combine that with the other steps the engine must take, we can use RegEx 101 debugger to see the engine has to take a total of 38 steps before it can determine the string doesn't match.

From there, the number of steps the engine must use to validate a string just continues to grow.

String Number of C's Number of steps
ACCCX 3 38
ACCCCX 4 71
ACCCCCX 5 136
ACCCCCCCCCCCCCCX 14 65,553

By the time the string includes 14 C's, the engine has to take over 65,000 steps just to see if the string is valid. These extreme situations can cause them to work very slowly (exponentially related to input size, as shown above), allowing an attacker to exploit this and can cause the service to excessively consume CPU, resulting in a Denial of Service.

Remediation

Upgrade scikit-learn to version 0.24.2 or higher.

References

Regular Expression Denial of Service (ReDoS) vulnerability report

low severity

Improper Validation of Specified Quantity in Input

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.8.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the ModularIndexing() function when Inductor config is set to constant_and_index_propagation=False. An attacker can cause incorrect computation results by supplying crafted input data.

Remediation

Upgrade torch to version 2.8.0 or higher.

References

Improper Validation of Specified Quantity in Input vulnerability report

low severity

Always-Incorrect Control Flow Implementation

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.9.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation when compiling model with torch.rot90() and torch.randn_like() functions while backend="aot_eager_decomp_partition". An attacker can cause unexpected behavior or potentially manipulate outputs by crafting inputs that trigger the interaction between these functions.

Remediation

Upgrade torch to version 2.9.0 or higher.

References

Always-Incorrect Control Flow Implementation vulnerability report

low severity

Reachable Assertion

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.9.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Reachable Assertion in the torch.linalg.lu() function. In AOTAutograd mode LU decomposition can't accept slice operation and An attacker can cause the application to become unresponsive or crash if backend="aot_eager" by providing specially crafted input.

Note:

The issue is not affecting compilers that are set with backend="eager".

Remediation

Upgrade torch to version 2.9.0 or higher.

References

Reachable Assertion vulnerability report

low severity

Stack-based Buffer Overflow

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.8.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Stack-based Buffer Overflow due to a regression in functorch_maml_omniglot() function in TorchBench. An attacker can cause a denial of service by triggering a buffer overflow when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv and is compiled by Inductor.

Remediation

Upgrade torch to version 2.8.0 or higher.

References

Stack-based Buffer Overflow vulnerability report

low severity

Reachable Assertion

  • Vulnerable module: torch
  • Introduced through: torch@1.1.0

Detailed paths

  • Introduced through: pyodds/PyODDS@pyodds/PyODDS torch@1.1.0
    Remediation: Upgrade to torch@2.8.0.

Overview

torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration

Affected versions of this package are vulnerable to Reachable Assertion when the model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv() and compiled with Inductor. An attacker can cause the application to become unresponsive or crash by providing specially crafted data.

Remediation

Upgrade torch to version 2.8.0 or higher.

References

Reachable Assertion vulnerability report