You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A reachable construct was detected in torch==1.8.1 through my static analysis database. The analysis uncovered more than 5 call chains leading to this construct. Below is one example to illustrate the potential vulnerability:
We suspect that this construct may be vulnerable because it was modified in a security-related patch. This suggests that the original code might have contained a flaw, and it may still be risky to use the affected version (torch==1.8.1) without further investigation.
Note:
This issue was identified through a static analysis of the project at commit [743680b].
The text was updated successfully, but these errors were encountered:
summary
A reachable construct was detected in torch==1.8.1 through my static analysis database. The analysis uncovered more than 5 call chains leading to this construct. Below is one example to illustrate the potential vulnerability:
Call Chain Analysis
compressai.sadl_codec.dataset2latent
└── import torch
└── import torch.jit
└── import torch.jit._script
└── import torch.jit.frontend
└── import torch.jit.annotations
Patch and Code Changes
We suspect that this construct may be vulnerable because it was modified in a security-related patch. This suggests that the original code might have contained a flaw, and it may still be risky to use the affected version (torch==1.8.1) without further investigation.
Note:
This issue was identified through a static analysis of the project at commit [743680b].
The text was updated successfully, but these errors were encountered: