gitsafehub
github.com/facebookresearch/vggt-omega

facebookresearch/vggt-omega

scanned 2026-05-30 · git 39a0cb8
2 of 6 checks flagged a security issue
🔴 Needs attention
6 checks ran. Start with the Known OSS vulnerabilities check below.

Informational scan, not a security audit.


Security checks

Leaked secrets — Gitleaks none found ✓

API keys, passwords or tokens committed into the repo.

Nothing found by this check. ✓

via Gitleaks v8.21.2 · MIT

Vulnerable dependencies — Trivy none found ✓

Packages you depend on that have known security holes (CVEs).

Nothing found by this check. ✓

via Trivy v0.70.0 · Apache-2.0

Known OSS vulnerabilities — OSV-Scanner 46 found · 2 serious

Your dependencies cross-checked against the OSV vulnerability database.

  • Serious GHSA-53q9-r3pm-6pq6 PyTorch: `torch.load` with `weights_only=True` leads to remote code execution
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Serious GHSA-3f63-hfp8-52jq Arbitrary Code Execution in Pillow
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements_demo.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-39mp-8hj3-5c49 Gradio is Vulnerable to Absolute Path Traversal on Windows with Python 3.13+
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements_demo.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-jmh7-g254-2cq9 Gradio has SSRF via Malicious `proxy_url` Injection in `gr.load()` Config Processing
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements_demo.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-x84v-xcm2-53pg Insufficiently Protected Credentials in Requests
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements_demo.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-hx9q-6w63-j58v orjson does not limit recursion for deeply nested JSON documents
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements_demo.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-pwr2-4v36-6qpr orjson does not limit recursion for deeply nested JSON documents
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements_demo.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-44wm-f244-xhp3 Pillow buffer overflow vulnerability
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements_demo.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-8ghj-p4vj-mr35 Pillow Denial of Service vulnerability
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements_demo.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-j7hp-h8jx-5ppr libwebp: OOB write in BuildHuffmanTable
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements_demo.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Minor GHSA-3749-ghw9-m3mg PyTorch susceptible to local Denial of Service
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Minor GHSA-h3h8-3v2v-rg7m Gradio: Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session Secret
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements_demo.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • FYI PYSEC-2024-259 In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing.
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • FYI PYSEC-2025-191 A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnn_max_pool2d. The manipulation leads to denial of service
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • FYI PYSEC-2025-198 In PyTorch through 2.6.0, when eager is used, nn.PairwiseDistance(p=2) produces incorrect results.
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • FYI PYSEC-2025-203 An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation.
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • FYI PYSEC-2025-204 pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together.
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • FYI PYSEC-2025-205 A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service (DoS).
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • FYI PYSEC-2025-206 pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long().
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • FYI PYSEC-2025-207 A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading to a Denial of Service (DoS).
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • FYI PYSEC-2025-208 A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv() and is compiled by Inductor, leading to a
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • FYI PYSEC-2025-209 An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • FYI PYSEC-2025-41 PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command E
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • FYI PYSEC-2026-139 A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be pe
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • FYI GHSA-887c-mr87-cxwp PyTorch Improper Resource Shutdown or Release vulnerability
    /workdirs/scan-aa60cfb5-36c7-474f-a0b2-895fe5b6f34f/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
… 21 more not shown

via OSV-Scanner v1.9.2 · Apache-2.0

Risky code patterns — Semgrep none found ✓

Code that can be exploited — injection, hardcoded credentials and similar.

Nothing found by this check. ✓

via Semgrep v1.147.0 · LGPL-2.1

Malicious dependencies — Guarddog 3 found · 2 serious

Packages that look intentionally malicious — typosquats, sneaky install scripts.

  • Serious guarddog-pypi-code-execution code-execution match in numpy 1.26.4
    numpy
    A dependency shows signs of being intentionally malicious (typosquat, hidden install script, etc.). Fix: Don’t install it until you’ve verified the package — consider removing it.
  • Serious guarddog-pypi-exfiltrate-sensitive-data exfiltrate-sensitive-data match in torch 2.12.0
    torch
    A dependency shows signs of being intentionally malicious (typosquat, hidden install script, etc.). Fix: Don’t install it until you’ve verified the package — consider removing it.
  • Worth fixing guarddog-pypi-obfuscation obfuscation match in torch 2.12.0
    torch
    A dependency shows signs of being intentionally malicious (typosquat, hidden install script, etc.). Fix: Don’t install it until you’ve verified the package — consider removing it.

via Guarddog v2.10.0 · Apache-2.0

Project health

A signal about how the project is maintained — not a vulnerability in your code. It doesn’t affect the verdict above.

Project health — OpenSSF Scorecard 8 notes

Maintenance & supply-chain hygiene. A signal about the project — not a vulnerability in your code.

  • Worth fixing scorecard-overall OpenSSF Scorecard overall: 2.7/10
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-CII-Best-Practices CII-Best-Practices scored 0: no effort to earn an OpenSSF best practices badge detected
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-Code-Review Code-Review scored 0: Found 0/1 approved changesets -- score normalized to 0
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-Contributors Contributors scored 0: project has 0 contributing companies or organizations -- score normalized to 0
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-Dependency-Update-Tool Dependency-Update-Tool scored 0: no update tool detected
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-Fuzzing Fuzzing scored 0: project is not fuzzed
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-Maintained Maintained scored 0: project was created within the last 90 days. Please review its contents carefully
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-SAST SAST scored 0: no SAST tool detected
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.

via OpenSSF Scorecard v5.5.0 · Apache-2.0

About these results. Six open-source checks ran in parallel; every finding is tagged with the tool that produced it. The verdict follows a published rule. False positives and false negatives are normal — a clean scan does not mean the code is secure, and a red verdict does not mean the project is compromised.