Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS01NDdtLTIzeDctY3hnNc4AA4K3

Moderate EPSS: 0.00122% (0.32471 Percentile) EPSS:
Permalink JSON

PaddlePaddle null pointer dereference in paddle.nextafter

Affected Packages Affected Versions Fixed Versions
pypi:PaddlePaddle
PURL: pkg:pypi/paddlepaddle
< 2.6.0 2.6.0
58 Dependent packages
2,208 Dependent repositories
525,656 Downloads last month

Affected Version Ranges

All affected versions

1.6.0, 1.6.1, 1.6.2, 1.6.3, 1.7.0, 1.7.1, 1.7.2, 1.8.0, 1.8.1, 1.8.2, 1.8.3, 1.8.4, 1.8.5, 2.0.0, 2.0.1, 2.0.2, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.4.2, 2.5.0, 2.5.1, 2.5.2

All unaffected versions

2.6.0, 2.6.1, 2.6.2, 3.0.0, 3.1.0, 3.1.1

Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

References:

Identifiers

GHSA-547m-23x7-cxg5

CVE-2023-52302

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00122

EPSS Percentile: 0.32471

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/PaddlePaddle/Paddle

Date and time

Published

over 1 year ago

Updated

10 months ago

API

JSON