Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/37120?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37120?format=api", "vulnerability_id": "VCID-fzd6-jxxp-h7c8", "summary": "PyTorch before 3.7.0 has a bernoulli_p decompose function in decompositions.py even though it lacks full consistency with the eager CPU implementation, negatively affecting nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d for fallback_random=True.", "aliases": [ { "alias": "CVE-2025-46153" }, { "alias": "PYSEC-2025-202" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/46367?format=api", "purl": "pkg:pypi/torch@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cvu-c3jj-yyhx" }, { "vulnerability": "VCID-dm2h-xssw-xqhb" }, { "vulnerability": "VCID-jqpq-n5zb-2ydh" }, { "vulnerability": "VCID-rr2u-g78b-yfev" }, { "vulnerability": "VCID-tw2j-udhp-nydv" }, { "vulnerability": "VCID-vy3e-sq4h-eybf" }, { "vulnerability": "VCID-x8ck-txve-s7gy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/torch@2.7.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/45018?format=api", "purl": "pkg:pypi/torch@2.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cvu-c3jj-yyhx" }, { "vulnerability": "VCID-8u6v-jzkr-nkb4" }, { "vulnerability": "VCID-dm2h-xssw-xqhb" }, { "vulnerability": "VCID-fzd6-jxxp-h7c8" }, { "vulnerability": "VCID-jqpq-n5zb-2ydh" }, { "vulnerability": "VCID-rr2u-g78b-yfev" }, { "vulnerability": "VCID-tw2j-udhp-nydv" }, { "vulnerability": "VCID-vy3e-sq4h-eybf" }, { "vulnerability": "VCID-w8cd-83qu-uygf" }, { "vulnerability": "VCID-x8ck-txve-s7gy" }, { "vulnerability": "VCID-xgau-bn5a-t3cg" }, { "vulnerability": "VCID-z22a-fyhr-bbg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/torch@2.6.0" } ], "references": [ { "reference_url": "https://gist.github.com/shaoyuyoung/4bcefba4004f8271e64b5185c95a248a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://gist.github.com/shaoyuyoung/4bcefba4004f8271e64b5185c95a248a" }, { "reference_url": "https://gist.github.com/shaoyuyoung/e636f2e7a306105b7e96809e2b85c28a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://gist.github.com/shaoyuyoung/e636f2e7a306105b7e96809e2b85c28a" }, { "reference_url": "https://github.com/pytorch/pytorch/compare/v2.6.0...v2.7.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://github.com/pytorch/pytorch/compare/v2.6.0...v2.7.0" }, { "reference_url": "https://github.com/pytorch/pytorch/issues/142853", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://github.com/pytorch/pytorch/issues/142853" }, { "reference_url": "https://github.com/pytorch/pytorch/pull/143460", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://github.com/pytorch/pytorch/pull/143460" } ], "weaknesses": [], "exploits": [], "severity_range_score": "5.3 - 5.3", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fzd6-jxxp-h7c8" }