CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
57.0%
Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition.
Vendor | Product | Version | CPE |
---|---|---|---|
paddlepaddle | paddlepaddle | * | cpe:2.3:a:paddlepaddle:paddlepaddle:*:*:*:*:*:*:*:* |
github.com/advisories/GHSA-8wfh-qxxv-3q8c
github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-001.md
github.com/PaddlePaddle/Paddle/commit/43981874f5e1683b855eab871092fa9be58d6a44
github.com/pypa/advisory-database/tree/main/vulns/paddlepaddle/PYSEC-2023-122.yaml
nvd.nist.gov/vuln/detail/CVE-2023-38669