logo

Database

Lack of data validation In org.pytorch:executorch-android

Description

ExecuTorch vulnerable to Heap-based Buffer Overflow attack A heap-buffer-overflow vulnerability in the loading of ExecuTorch methods can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 93b1a0c15f7eda49b2bc46b5b4c49557b4e9810f

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2025-304022. NVD-2025-304023. OSV-2025-304024. GCVE-2025-30402

References

1. https://github.com/pytorch/executorch/commit/93b1a0c15f7eda49b2bc46b5b4c49557b4e9810f2. https://www.facebook.com/security/advisories/cve-2025-30402

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.