Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:19 a.m.8 views

CVE-2022-45908

In PaddlePaddle before 2.4, paddle.audio.functional.getwindow is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code execution...

9.8CVSS7.5AI score0.01281EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/11/26 3:30 a.m.2 views

paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2022-45908 via paddlepaddle (=1.8.5)

paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...

9.8CVSS7.2AI score0.01281EPSS
Exploits1
CVE
CVE
added 2022/11/26 12:0 a.m.80 views

CVE-2022-45908

PaddlePaddle before 2.4 is affected by a code injection vulnerability in paddle.audio.functional.get_window, which calls eval on a user-supplied winstr. The underlying cause is evaluating untrusted input, potentially leading to arbitrary code execution. The issue is documented across multiple sou...

9.8CVSS9.7AI score0.01281EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/26 12:0 a.m.7 views

CVE-2022-45908

In PaddlePaddle before 2.4, paddle.audio.functional.getwindow is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code execution...

8.1AI score0.01281EPSS
Exploits1References2
Rows per page
Query Builder