我们在此定期发布飞桨安全公告。
注:我们非常建议飞桨用户阅读和理解SECURITY_cn.md所介绍的飞桨安全模型,以便更好地了解此安全公告。
| 安全公告编号 | 类型 | 受影响版本 | 报告者 | 备注 |
|---|---|---|---|---|
| PDSA-2023-005 | Command injection in fs.py | < 2.5.0 | Xiaochen Guo from Huazhong University of Science and Technology | |
| PDSA-2023-004 | FPE in paddle.linalg.matrix_power | < 2.5.0 | Tong Liu of ShanghaiTech University | |
| PDSA-2023-003 | Heap buffer overflow in paddle.trace | < 2.5.0 | Tong Liu of ShanghaiTech University | |
| PDSA-2023-002 | Null pointer dereference in paddle.flip | < 2.5.0 | Tong Liu of ShanghaiTech University | |
| PDSA-2023-001 | Use after free in paddle.diagonal | < 2.5.0 | Tong Liu of ShanghaiTech University | |
| PDSA-2022-002 | Code injection in paddle.audio.functional.get_window | = 2.4.0-rc0 | Tong Liu of ShanghaiTech University | |
| PDSA-2022-001 | OOB read in gather_tree | < 2.4 | Wang Xuan(王旋) of Qihoo 360 AIVul Team |