Latest version: v2.6.2
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2023-52308 | 70386 |
FPE in paddle.amin in PaddlePaddle before 2.6.0. This flaw can cause … |
|
HIGH | 7.5 |
| CVE-2023-52306 | 70387 |
FPE in paddle.lerp in PaddlePaddle before 2.6.0. This flaw can cause … |
|
HIGH | 7.5 |
| CVE-2023-52313 | 70383 |
FPE in paddle.argmin and paddle.argmax in PaddlePaddle before 2.6.0. … |
|
HIGH | 7.5 |
| CVE-2023-52309 | 70385 |
Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle befo… |
|
CRITICAL | 9.8 |
| CVE-2023-52304 | 70389 |
Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. T… |
|
CRITICAL | 9.8 |
| CVE-2023-38677 | 70393 |
FPE in paddle.linalg.eig in PaddlePaddle before 2.6.0. This flaw can … |
|
HIGH | 7.5 |
| CVE-2024-0521 | 66716 |
PaddlePaddle/Paddle before 2.6.0 is susceptible to a code injection v… |
|
HIGH | 7.8 |
| CVE-2023-38678 | 70392 |
OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can… |
|
HIGH | 7.5 |
| CVE-2023-52302 | 70391 |
Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw c… |
|
HIGH | 7.5 |
| CVE-2023-52312 | 70384 |
Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This… |
|
HIGH | 7.5 |
| CVE-2023-52303 | 70390 |
Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This f… |
|
HIGH | 7.5 |
| CVE-2023-38676 | 70394 |
Nullptr in paddle.dot in PaddlePaddle before 2.6.0. This flaw can cau… |
|
HIGH | 7.5 |
| CVE-2023-38674 | 70395 |
FPE in paddle.nanmedian in PaddlePaddle before 2.6.0. This flaw can c… |
|
HIGH | 7.5 |
| CVE-2023-52305 | 70388 |
FPE in paddle.topk in PaddlePaddle before 2.6.0. This flaw can cause … |
|
HIGH | 7.5 |
| CVE-2024-0818 | 71832 |
Arbitrary File Overwrite Via Path Traversal in paddlepaddle/paddle af… |
|
- | - |
| CVE-2024-0815 | 71833 |
Command injection in paddle.utils.download._wget_download (bypass fil… |
|
- | - |
| CVE-2024-0817 | 71835 |
Command injection in IrGraph.draw in paddlepaddle/paddle affected ver… |
|
- | - |
| CVE-2024-0917 | 71834 |
Remote code execution in paddlepaddle/paddle affected versions. |
|
- | - |
| CVE-2023-38671 | 65044 |
Heap buffer overflow in paddle.trace in PaddlePaddle before 2.5.0. Th… |
|
CRITICAL | 9.8 |
| CVE-2023-38669 | 65042 |
Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This … |
|
CRITICAL | 9.8 |
| CVE-2022-46742 | 54595 |
Code injection in `paddle.audio.functional.get_window` in PaddlePaddl… |
|
CRITICAL | 9.8 |
| CVE-2023-38670 | 65043 |
Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0.… |
|
HIGH | 7.5 |
| CVE-2023-38673 | 65046 |
PaddlePaddle before 2.5.0 has a command injection in fs.py. This resu… |
|
CRITICAL | 9.8 |
| CVE-2023-38672 | 65045 |
FPE in paddle.trace in PaddlePaddle before 2.5.0. This flaw can cause… |
|
HIGH | 7.5 |
| CVE-2023-52310 | 65204 |
PaddlePaddle before 2.6.0 has a command injection in get_online_pass_… |
|
CRITICAL | 9.8 |
| CVE-2023-52314 | 65206 |
PaddlePaddle before 2.6.0 has a command injection in convert_shape_co… |
|
CRITICAL | 9.8 |
| CVE-2023-38675 | 65094 |
FPE in paddle.linalg.matrix_rank in PaddlePaddle before 2.6.0. This f… |
|
HIGH | 7.5 |
| CVE-2023-52311 | 65205 |
PaddlePaddle before 2.6.0 has a command injection in _wget_download. … |
|
CRITICAL | 9.8 |
| CVE-2023-52307 | 65203 |
Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.… |
|
CRITICAL | 9.8 |
| CVE-2022-45908 | 54583 |
In PaddlePaddle before 2.4, paddle.audio.functional.get_window is vul… |
|
CRITICAL | 9.8 |
| CVE-2022-46741 | 54596 |
Out-of-bounds read in `gather_tree` in PaddlePaddle before 2.4. A [pa… |
|
CRITICAL | 9.1 |
| CVE-2024-1603 | 71831 |
paddlepaddle/paddle affected versions allow arbitrary file read via p… |
|
- | - |