Numeric Range Comparison Without Minimum Check in torch

CVE-2025-46148

torch

Medium

5.3/10

Summary

In PyTorch versions through 2.7.1, when eager is used, 'nn.PairwiseDistance(p=2)' produces incorrect results.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-839 - Numeric Range Comparison Without Minimum Check

The program checks a value to ensure that it is less than or equal to a maximum, but it does not also verify that the value is greater than or equal to the minimum.

References

Advisory
Disclosure
Issue
Pull request

Advisory Timeline

Published Sep 25, 2025

Numeric Range Comparison Without Minimum Check in torch

CVE-2025-46148

Summary

CWE-839 - Numeric Range Comparison Without Minimum Check

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS