Paddlepaddle

paddlepaddle

33 CVEs • 3 products

Products (3)

Click to collapse

Toggle

CVEs (33)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-1603 1Paddlepaddle 1Paddlepaddle Jan 24, 2025 Mar 23, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 paddlepaddle/paddle 2.6.0 allows arbitrary file read via paddle.vision.ops.read_file.
CVE-2024-0818 1Paddlepaddle 1Paddlepaddle Jan 23, 2025 Mar 7, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Arbitrary File Overwrite Via Path Traversal in paddlepaddle/paddle before 2.6
CVE-2024-0917 1Paddlepaddle 1Paddlepaddle Jan 19, 2025 Mar 7, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 remote code execution in paddlepaddle/paddle 2.6.0
CVE-2024-0815 1Paddlepaddle 1Paddlepaddle Jan 19, 2025 Mar 7, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Command injection in paddle.utils.download._wget_download (bypass filter) in paddlepaddle/paddle 2.6.0
CVE-2024-0817 1Paddlepaddle 1Paddlepaddle Jan 19, 2025 Mar 7, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Command injection in IrGraph.draw in paddlepaddle/paddle 2.6.0
CVE-2024-0521 1Paddlepaddle 1Paddle Nov 21, 2024 Jan 20, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Code Injection in paddlepaddle/paddle
CVE-2023-52314 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted in the ability to execute arbitrary commands on the operating system.
CVE-2023-52313 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 FPE in paddle.argmin and paddle.argmax in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52312 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52311 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating system.
CVE-2023-52310 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system.
CVE-2023-52309 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.
CVE-2023-52308 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 FPE in paddle.amin in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52307 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.
CVE-2023-52306 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 FPE in paddle.lerp in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52305 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 FPE in paddle.topk in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52304 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.
CVE-2023-52303 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-52302 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
CVE-2023-38678 1Paddlepaddle 1Paddlepaddle Nov 21, 2024 Jan 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

12 Next