Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:19 a.m.8 views

CVE-2022-45908

In PaddlePaddle before 2.4, paddle.audio.functional.getwindow is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code execution...

9.8CVSS7.5AI score0.01281EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/11/26 3:30 a.m.2 views

paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2022-45908 via paddlepaddle (=1.8.5)

paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...

9.8CVSS7.2AI score0.01281EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2022/11/26 12:0 a.m.7 views

CVE-2022-45908

In PaddlePaddle before 2.4, paddle.audio.functional.getwindow is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code execution...

8.1AI score0.01281EPSS
Exploits1References2
CVE
CVE
added 2022/11/26 12:0 a.m.81 views

CVE-2022-45908

PaddlePaddle before 2.4 is affected by a code injection vulnerability in paddle.audio.functional.get_window, which calls eval on a user-supplied winstr. The underlying cause is evaluating untrusted input, potentially leading to arbitrary code execution. The issue is documented across multiple sou...

9.8CVSS9.7AI score0.01281EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder