Paddle
by PaddlePaddle
Source repositories
CVEs (32)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-38678 | Med | 0.24 | 4.7 | 0.00 | Jan 3, 2024 | OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service. | ||
| CVE-2023-38677 | Med | 0.24 | 4.7 | 0.00 | Jan 3, 2024 | FPE in paddle.linalg.eig in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service. | ||
| CVE-2023-38676 | Med | 0.24 | 4.7 | 0.00 | Jan 3, 2024 | Nullptr in paddle.dot in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service. | ||
| CVE-2023-38675 | Med | 0.24 | 4.7 | 0.00 | Jan 3, 2024 | FPE in paddle.linalg.matrix_rank in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service. | ||
| CVE-2023-38674 | Med | 0.24 | 4.7 | 0.00 | Jan 3, 2024 | FPE in paddle.nanmedian in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service. | ||
| CVE-2023-38672 | Med | 0.24 | 4.7 | 0.01 | Jul 26, 2023 | FPE in paddle.trace in PaddlePaddle before 2.5.0. This flaw can cause a runtime crash and a denial of service. | ||
| CVE-2023-38670 | Med | 0.24 | 4.7 | 0.01 | Jul 26, 2023 | Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0. This resulted in a runtime crash and denial of service. | ||
| CVE-2024-1603 | 0.00 | — | 0.01 | Mar 23, 2024 | paddlepaddle/paddle 2.6.0 allows arbitrary file read via paddle.vision.ops.read_file. | |||
| CVE-2024-0818 | 0.00 | — | 0.01 | Mar 7, 2024 | Arbitrary File Overwrite Via Path Traversal in paddlepaddle/paddle before 2.6 | |||
| CVE-2024-0917 | 0.00 | — | 0.02 | Mar 7, 2024 | remote code execution in paddlepaddle/paddle 2.6.0 | |||
| CVE-2024-0815 | 0.00 | — | 0.01 | Mar 7, 2024 | Command injection in paddle.utils.download._wget_download (bypass filter) in paddlepaddle/paddle 2.6.0 | |||
| CVE-2024-0817 | 0.00 | — | 0.01 | Mar 7, 2024 | Command injection in IrGraph.draw in paddlepaddle/paddle 2.6.0 |
- risk 0.24cvss 4.7epss 0.00
OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
- risk 0.24cvss 4.7epss 0.00
FPE in paddle.linalg.eig in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
- risk 0.24cvss 4.7epss 0.00
Nullptr in paddle.dot in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
- risk 0.24cvss 4.7epss 0.00
FPE in paddle.linalg.matrix_rank in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
- risk 0.24cvss 4.7epss 0.00
FPE in paddle.nanmedian in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
- risk 0.24cvss 4.7epss 0.01
FPE in paddle.trace in PaddlePaddle before 2.5.0. This flaw can cause a runtime crash and a denial of service.
- risk 0.24cvss 4.7epss 0.01
Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0. This resulted in a runtime crash and denial of service.
- CVE-2024-1603Mar 23, 2024risk 0.00cvss —epss 0.01
paddlepaddle/paddle 2.6.0 allows arbitrary file read via paddle.vision.ops.read_file.
- CVE-2024-0818Mar 7, 2024risk 0.00cvss —epss 0.01
Arbitrary File Overwrite Via Path Traversal in paddlepaddle/paddle before 2.6
- CVE-2024-0917Mar 7, 2024risk 0.00cvss —epss 0.02
remote code execution in paddlepaddle/paddle 2.6.0
- CVE-2024-0815Mar 7, 2024risk 0.00cvss —epss 0.01
Command injection in paddle.utils.download._wget_download (bypass filter) in paddlepaddle/paddle 2.6.0
- CVE-2024-0817Mar 7, 2024risk 0.00cvss —epss 0.01
Command injection in IrGraph.draw in paddlepaddle/paddle 2.6.0
Page 2 of 2