Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Paddlepaddle Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-46742 1 Paddlepaddle 1 Paddlepaddle 2022-12-08 N/A 9.8 CRITICAL
Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution.
CVE-2022-46741 1 Paddlepaddle 1 Paddlepaddle 2022-12-08 N/A 9.1 CRITICAL
Out-of-bounds read in gather_tree in PaddlePaddle before 2.4.
CVE-2022-45908 1 Paddlepaddle 1 Paddlepaddle 2022-12-01 N/A 9.8 CRITICAL
In PaddlePaddle before 2.4, paddle.audio.functional.get_window is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code execution.
CVE-2022-31523 1 Paddlepaddle 1 Anakin 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The PaddlePaddle/Anakin repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.