Critical severityNVD Advisory· Published Dec 7, 2022· Updated Apr 22, 2025
CVE-2022-46742
CVE-2022-46742
Description
Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
paddlepaddlePyPI | < 2.4.0 | 2.4.0 |
Affected products
2- Range: 2.4.0-rc0
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-gcjf-29m9-888qghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-46742ghsaADVISORY
- github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2022-002.mdghsaWEB
- github.com/PaddlePaddle/Paddle/commit/26c419ca386aeae3c461faf2b828d00b48e908ebghsaWEB
- github.com/PaddlePaddle/Paddle/pull/47386ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/paddlepaddle/PYSEC-2022-43063.yamlghsaWEB
News mentions
0No linked articles in our index yet.