Gxh

**Name of the Vulnerable Software and Affected Versions** PyTorch versions prior to 2.4.1 **Description** The issue concerns the RemoteModule in PyTorch, which is reported to have Deserialization RCE. However, it is noted that this behavior is intended in PyTorch distributed computing and is disputed by multiple parties. **Recommendations** For versions prior to 2.4.1, consider restricting the use of the RemoteModule to minimize the risk of exploitation until a clearer resolution or guidance is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** chainer version 7.8.1.post1 **Description** A Deserialization of Untrusted Data issue allows for the execution of arbitrary code. **Recommendations** For version 7.8.1.post1, update to a version that fixes the Deserialization of Untrusted Data issue to prevent arbitrary code execution.