What is GHSA-rrmf-rvhw-rf47?

GHSA-rrmf-rvhw-rf47 is a security advisory published by GitHub Security Advisories with Low severity. PyTorch is vulnerable to memory corruption through its torch.jit.script function

Which CVE IDs does GHSA-rrmf-rvhw-rf47 cover?

GHSA-rrmf-rvhw-rf47 covers the following CVE IDs: CVE-2025-3000. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-rrmf-rvhw-rf47?

GHSA-rrmf-rvhw-rf47 has a CVSS v3 base score of 5.3, published by GitHub Security Advisories.

Which products are affected by GHSA-rrmf-rvhw-rf47?

GHSA-rrmf-rvhw-rf47 affects 1 product, including: pip/torch:\u003c= 2.12.0.

GHSA-rrmf-rvhw-rf47LowCVSS 5.3

PyTorch is vulnerable to memory corruption through its torch.jit.script function

Vendor

GitHub Security Advisories

Published

March 31, 2025

Last Modified

June 10, 2026

🔗 CVE IDs covered (1)

CVE-2025-3000 →

📋 Description

A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

🎯 Affected products1

pip/torch:<= 2.12.0

🔗 References (8)

https://nvd.nist.gov/vuln/detail/CVE-2025-3000
https://github.com/pytorch/pytorch/issues/149623
https://github.com/pytorch/pytorch/issues/149623#issue-2935703015
https://vuldb.com/?ctiid.302049
https://vuldb.com/?id.302049
https://vuldb.com/?submit.524197
https://github.com/pypa/advisory-database/tree/main/vulns/torch/PYSEC-2025-194.yaml
https://github.com/advisories/GHSA-rrmf-rvhw-rf47