Critical severityNVD Advisory· Published Nov 26, 2022· Updated Apr 25, 2025
CVE-2022-45908
CVE-2022-45908
Description
In PaddlePaddle before 2.4, paddle.audio.functional.get_window is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
paddlepaddlePyPI | < 2.4 | 2.4 |
Affected products
2- PaddlePaddle/PaddlePaddledescription
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.