CVE-2025-62372: Unguarded Tensor Base64 Load

Provally Curated | Public repository | Medium | Medium confidence | Verified | Apache-2.0 | Python
greprules fetch cve-2025-62372-unguarded-tensor-base64-load --engine opengrep

Description

Loading tensors directly from base64-encoded strings without prior configuration gating or shape validation can permit a Denial of Service (DoS) attack. If malformed multimodal embeddings or mismatched tensor shapes are passed to downstream operations, the application may crash. Ensure that loading arbitrary tensors is explicitly gated by an opt-in configura
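
An added example, not part of the rule or of any project's code, of the guarded pattern the description calls for: an opt-in flag is checked first, then size and shape are validated before anything reaches downstream code. The wire format (base64 of little-endian float32 rows) and the names ALLOW_EMBEDDING_INPUT, HIDDEN_SIZE, MAX_ROWS and EmbeddingRejected are assumptions standing in for a framework tensor loader.

```python
import base64
import binascii
import struct

# Assumed deployment settings (hypothetical names, not from the rule or any project).
ALLOW_EMBEDDING_INPUT = False   # opt-in gate, off by default
HIDDEN_SIZE = 4                 # embedding width the downstream model expects
MAX_ROWS = 1024                 # upper bound on embedding rows per request
MAX_B64_CHARS = 4 * ((MAX_ROWS * HIDDEN_SIZE * 4 + 2) // 3)


class EmbeddingRejected(ValueError):
    """Raised instead of letting a bad payload reach downstream operations."""


def load_embedding(b64_text, allow=None):
    """Decode base64 float32 rows of width HIDDEN_SIZE, or raise EmbeddingRejected."""
    if allow is None:
        allow = ALLOW_EMBEDDING_INPUT
    if not allow:                               # gate comes before any decoding
        raise EmbeddingRejected("embedding input is disabled by configuration")
    if len(b64_text) > MAX_B64_CHARS:           # bound the size before decoding
        raise EmbeddingRejected("payload too large")
    try:
        raw = base64.b64decode(b64_text, validate=True)
    except (binascii.Error, ValueError) as exc:
        raise EmbeddingRejected("not valid base64") from exc
    row_bytes = HIDDEN_SIZE * 4                 # 4 bytes per float32
    if not raw or len(raw) % row_bytes:         # shape check: whole rows only
        raise EmbeddingRejected("byte length does not match expected shape")
    rows = len(raw) // row_bytes
    values = struct.unpack("<%df" % (rows * HIDDEN_SIZE), raw)
    return [list(values[r * HIDDEN_SIZE:(r + 1) * HIDDEN_SIZE]) for r in range(rows)]


def encode_rows(rows):
    """Build a constructed sample payload from a list of float rows."""
    flat = [v for row in rows for v in row]
    return base64.b64encode(struct.pack("<%df" % len(flat), *flat)).decode("ascii")


if __name__ == "__main__":
    good = encode_rows([[0.5, 1.0, -2.0, 4.0]])            # constructed, 1 x 4
    print(load_embedding(good, allow=True))
    for bad in (encode_rows([[1.0, 2.0, 3.0]]), "not base64!"):  # constructed
        try:
            load_embedding(bad, allow=True)
        except EmbeddingRejected as exc:
            print("rejected:", exc)
```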