Skip to content

Latest commit

 

History

History
36 lines (30 loc) · 5.97 KB

README.md

File metadata and controls

36 lines (30 loc) · 5.97 KB

PaddlePaddle Security Advisories

We regularly publish security advisories about using PaddlePaddle.

Note: In conjunction with these security advisories, we strongly encourage PaddlePaddle users to read and understand PaddlePaddle's security model as outlined in SECURITY.md.

Advisory Number Type Versions affected Reported by Additional Information
PDSA-2023-023 Command injection in convert_shape_compare < 2.6.0 leeya_bug
PDSA-2023-022 FPE in paddle.argmin and paddle.argmax < 2.6.0 Peng Zhou (zpbrent) from Shanghai University
PDSA-2023-021 Null pointer dereference in paddle.crop < 2.6.0 Peng Zhou (zpbrent) from Shanghai University
PDSA-2023-020 Command injection in _wget_download < 2.6.0 huntr.com
PDSA-2023-019 Command injection in get_online_pass_interval < 2.6.0 huntr.com and leeya_bug
PDSA-2023-018 Heap buffer overflow in paddle.repeat_interleave < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-017 FPE in paddle.amin < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-016 Stack overflow in paddle.linalg.lu_unpack < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-015 FPE in paddle.lerp < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-014 FPE in paddle.topk < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-013 Stack overflow in paddle.searchsorted < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-012 Segfault in paddle.put_along_axis < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-011 Null pointer dereference in paddle.nextafter < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-010 Segfault in paddle.mode < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-009 FPE in paddle.linalg.eig < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-008 Segfault in paddle.dot < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-007 FPE in paddle.linalg.matrix_rank < 2.6.0 Tong Liu of ShanghaiTech University
PDSA-2023-006 FPE in paddle.nanmedian < 2.6.0 Tong Liu of ShanghaiTech University
PDSA-2023-005 Command injection in fs.py < 2.5.0 Xiaochen Guo from Huazhong University of Science and Technology
PDSA-2023-004 FPE in paddle.linalg.matrix_power < 2.5.0 Tong Liu of ShanghaiTech University
PDSA-2023-003 Heap buffer overflow in paddle.trace < 2.5.0 Tong Liu of ShanghaiTech University
PDSA-2023-002 Null pointer dereference in paddle.flip < 2.5.0 Tong Liu of ShanghaiTech University
PDSA-2023-001 Use after free in paddle.diagonal < 2.5.0 Tong Liu of ShanghaiTech University
PDSA-2022-002 Code injection in paddle.audio.functional.get_window = 2.4.0-rc0 Tong Liu of ShanghaiTech University
PDSA-2022-001 OOB read in gather_tree < 2.4 Wang Xuan(王旋) of Qihoo 360 AIVul Team