{"data":{"slug":"jianchang512-stt","name":"stt","trust":{"provenance":{"is_fork":false,"github_id":736697367,"owner_type":"User","methodology":"github_public_v1","parent_repo":null,"near_duplicate_slugs":[]},"computed_at":"2026-07-11T12:15:37.549Z","maintenance":{"label":"Slowing","score":36,"methodology":"github_public_v1","releases_90d":0,"days_since_push":170,"last_release_at":"2025-08-05T05:09:16Z"},"security_summary":{"status":"findings","scanner":"osv@v1","low_count":21,"high_count":2,"last_scan_at":"2026-07-11T12:15:43.983Z","medium_count":3,"scan_profile":"deps","critical_count":1}},"findings":[{"id":"GHSA-3749-ghw9-m3mg","severity":"low","title":"PyTorch susceptible to local Denial of Service","package":"torch@2.1.2","cve":"CVE-2025-2953","location":"requirements.txt"},{"id":"GHSA-53q9-r3pm-6pq6","severity":"critical","title":"PyTorch: `torch.load` with `weights_only=True` leads to remote code execution","package":"torch@2.1.2","cve":"CVE-2025-32434","location":"requirements.txt"},{"id":"GHSA-5pcm-hx3q-hm94","severity":"high","title":"PyTorch heap buffer overflow vulnerability","package":"torch@2.1.2","cve":"CVE-2024-31580","location":"requirements.txt"},{"id":"GHSA-887c-mr87-cxwp","severity":"medium","title":"PyTorch Improper Resource Shutdown or Release vulnerability","package":"torch@2.1.2","cve":"CVE-2025-3730","location":"requirements.txt"},{"id":"GHSA-c678-jfcj-6jmf","severity":"low","title":"PyTorch Tuple Handler is Vulnerable to Memory Corruption through Manipulation of None Argument","package":"torch@2.1.2","cve":"CVE-2025-2148","location":"requirements.txt"},{"id":"GHSA-f4hp-rmr7-r7v8","severity":"medium","title":"PyTorch is Vulnerable to Memory Consumption through pad_packed_sequence Function","package":"torch@2.1.2","cve":"CVE-2025-2998","location":"requirements.txt"},{"id":"GHSA-pg7h-5qx3-wjr3","severity":"high","title":"Pytorch use-after-free vulnerability","package":"torch@2.1.2","cve":"CVE-2024-31583","location":"requirements.txt"},{"id":"GHSA-qfhq-4f3w-5fph","severity":"low","title":"PyTorch is vulnerable to memory corruption through its torch.lstm_cell function","package":"torch@2.1.2","cve":"CVE-2025-3001","location":"requirements.txt"},{"id":"GHSA-rrmf-rvhw-rf47","severity":"low","title":"PyTorch is vulnerable to memory corruption through its torch.jit.script function","package":"torch@2.1.2","cve":"CVE-2025-3000","location":"requirements.txt"},{"id":"GHSA-vgrw-7cvw-pwgx","severity":"medium","title":"PyTorch is vulnerable to memory corruption through its unpack_sequence function","package":"torch@2.1.2","cve":"CVE-2025-2999","location":"requirements.txt"},{"id":"GHSA-x3gm-94wq-g975","severity":"low","title":"PyTorch: Manipulation of the argument scale/zero_point leads to improper initialization via Quantized Sigmoid Module","package":"torch@2.1.2","cve":"CVE-2025-2149","location":"requirements.txt"},{"id":"PYSEC-2024-250","severity":"low","title":"PYSEC-2024-250","package":"torch@2.1.2","cve":"CVE-2024-31584","location":"requirements.txt"},{"id":"PYSEC-2024-251","severity":"low","title":"PYSEC-2024-251","package":"torch@2.1.2","cve":"CVE-2024-31583","location":"requirements.txt"},{"id":"PYSEC-2024-252","severity":"low","title":"PYSEC-2024-252","package":"torch@2.1.2","cve":"CVE-2024-31580","location":"requirements.txt"},{"id":"PYSEC-2024-259","severity":"low","title":"PYSEC-2024-259","package":"torch@2.1.2","cve":"CVE-2024-48063","location":"requirements.txt"},{"id":"PYSEC-2025-191","severity":"low","title":"PYSEC-2025-191","package":"torch@2.1.2","cve":"CVE-2025-2953","location":"requirements.txt"},{"id":"PYSEC-2025-198","severity":"low","title":"PYSEC-2025-198","package":"torch@2.1.2","cve":"CVE-2025-46148","location":"requirements.txt"},{"id":"PYSEC-2025-203","severity":"low","title":"PYSEC-2025-203","package":"torch@2.1.2","cve":"CVE-2025-55551","location":"requirements.txt"},{"id":"PYSEC-2025-204","severity":"low","title":"PYSEC-2025-204","package":"torch@2.1.2","cve":"CVE-2025-55552","location":"requirements.txt"},{"id":"PYSEC-2025-205","severity":"low","title":"PYSEC-2025-205","package":"torch@2.1.2","cve":"CVE-2025-55553","location":"requirements.txt"},{"id":"PYSEC-2025-206","severity":"low","title":"PYSEC-2025-206","package":"torch@2.1.2","cve":"CVE-2025-55554","location":"requirements.txt"},{"id":"PYSEC-2025-207","severity":"low","title":"PYSEC-2025-207","package":"torch@2.1.2","cve":"CVE-2025-55557","location":"requirements.txt"},{"id":"PYSEC-2025-208","severity":"low","title":"PYSEC-2025-208","package":"torch@2.1.2","cve":"CVE-2025-55558","location":"requirements.txt"},{"id":"PYSEC-2025-209","severity":"low","title":"PYSEC-2025-209","package":"torch@2.1.2","cve":"CVE-2025-55560","location":"requirements.txt"},{"id":"PYSEC-2025-41","severity":"low","title":"PYSEC-2025-41","package":"torch@2.1.2","cve":"CVE-2025-32434","location":"requirements.txt"},{"id":"PYSEC-2026-139","severity":"low","title":"PYSEC-2026-139","package":"torch@2.1.2","cve":"CVE-2026-4538","location":"requirements.txt"},{"id":"PYSEC-2026-1970","severity":"low","title":"PyTorch Improper Resource Shutdown or Release vulnerability","package":"torch@2.1.2","cve":"CVE-2025-3730","location":"requirements.txt"}],"methodology":"github_public_v1"}}