Sign In

CVE-2025-2149

ADVISORY - nist

Summary

A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnq_Sigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zero_point leads to improper initialization. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

EPSS Score: 0.00051 (0.159)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-665

Improper Initialization

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2025-2149
EXPLOITABILITY SCORE

1

EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CWE-665

CVSS SCORE

2low

Debian

CREATED

UPDATED

ADVISORY IDCVE-2025-2149
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2025-2149
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

PypA

CREATED

UPDATED

ADVISORY ID

PYSEC-2025-190

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

2low

Bitnami

CREATED

UPDATED

ADVISORY ID

BIT-pytorch-2025-2149

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

2low