Количество 2
Количество 2
CVE-2025-62608
MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a heap buffer overflow in mlx::core::load() when parsing malicious NumPy .npy files. Attacker-controlled file causes 13-byte out-of-bounds read, leading to crash or information disclosure. This issue has been patched in version 0.29.4.
GHSA-w6vg-jg77-2qg6
MLX has heap-buffer-overflow in load()
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-62608 MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a heap buffer overflow in mlx::core::load() when parsing malicious NumPy .npy files. Attacker-controlled file causes 13-byte out-of-bounds read, leading to crash or information disclosure. This issue has been patched in version 0.29.4. | CVSS3: 9.1 | 0% Низкий | 3 месяца назад |
| GHSA-w6vg-jg77-2qg6 MLX has heap-buffer-overflow in load() | 0% Низкий | 3 месяца назад |
Уязвимостей на страницу