Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS0yd2NqLXFyNzYtOTc2OM4AA4K6

Moderate EPSS: 0.00113% (0.3114 Percentile) EPSS:
Permalink JSON

PaddlePaddle segfault in paddle.put_along_axis

Affected Packages Affected Versions Fixed Versions
pypi:paddlepaddle < 2.6.0 2.6.0
58 Dependent packages
2,208 Dependent repositories
545,565 Downloads last month

Affected Version Ranges

All affected versions

1.6.0, 1.6.1, 1.6.2, 1.6.3, 1.7.0, 1.7.1, 1.7.2, 1.8.0, 1.8.1, 1.8.2, 1.8.3, 1.8.4, 1.8.5, 2.0.0, 2.0.1, 2.0.2, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.4.2, 2.5.0, 2.5.1, 2.5.2

All unaffected versions

2.6.0, 2.6.1, 2.6.2, 3.0.0, 3.1.0

Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.

References:

Identifiers

GHSA-2wcj-qr76-9768

CVE-2023-52303

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00113

EPSS Percentile: 0.3114

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/PaddlePaddle/Paddle

Date and time

Published

over 1 year ago

Updated

8 months ago

API

JSON