mmaitre314 CVE Vulnerabilities & Metrics

Focus on mmaitre314 vulnerabilities and metrics.

Last updated: 16 Apr 2025, 22:25 UTC

About mmaitre314 Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with mmaitre314. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total mmaitre314 CVEs: 2
Earliest CVE date: 10 Mar 2025, 12:15 UTC
Latest CVE date: 10 Mar 2025, 12:15 UTC

Latest CVE reference: CVE-2025-1945

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 2

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): -100.0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): -100.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical mmaitre314 CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 0.0

Max CVSS: 0

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	2
4.0-6.9	0
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS mmaitre314 CVEs

These are the five CVEs with the highest CVSS scores for mmaitre314, sorted by severity first and recency.

CVE-2025-1945 mmaitre314 Published on 10 Mar 2025, 12:15 UTC (CVSS: 0)
picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully loaded by PyTorch's torch.load(). This can lead to arbitrary code execution when loading a co...
CVE-2025-1944 mmaitre314 Published on 10 Mar 2025, 12:15 UTC (CVSS: 0)
picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise a BadZipFile error. However, PyTorch's more forgiving ZIP implementation still allows the mod...

All CVEs for mmaitre314

CVE-2025-1945 mmaitre314 vulnerability CVSS: 0 10 Mar 2025, 12:15 UTC

picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully loaded by PyTorch's torch.load(). This can lead to arbitrary code execution when loading a compromised model.

CVE-2025-1944 mmaitre314 vulnerability CVSS: 0 10 Mar 2025, 12:15 UTC

picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise a BadZipFile error. However, PyTorch's more forgiving ZIP implementation still allows the model to be loaded, enabling malicious payloads to bypass detection.