Medium severity4.7NVD Advisory· Published Jul 26, 2023· Updated Jun 17, 2026
CVE-2023-38670
CVE-2023-38670
Description
Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0. This resulted in a runtime crash and denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
paddlepaddlePyPI | < 2.5.0 | 2.5.0 |
Affected products
2- Range: 0
Patches
Vulnerability mechanics
References
5- github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-002.mdnvdExploitPatchVendor AdvisoryWEB
- github.com/advisories/GHSA-rr46-m366-gm44ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-38670ghsaADVISORY
- github.com/PaddlePaddle/Paddle/commit/ed96baeed19b4e11b6cbc2dcc6776245ba5fab13ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/paddlepaddle/PYSEC-2023-123.yamlghsaWEB
News mentions
0No linked articles in our index yet.