PaddlePaddle Security Advisories

We regularly publish security advisories about using PaddlePaddle.

Note: In conjunction with these security advisories, we strongly encourage PaddlePaddle users to read and understand PaddlePaddle's security model as outlined in SECURITY.md.

Advisory Number	Type	Versions affected	Reported by
PDSA-2023-005	Command injection in fs.py	< 2.5.0	Xiaochen Guo from Huazhong University of Science and Technology
PDSA-2023-004	FPE in paddle.linalg.matrix_power	< 2.5.0	Tong Liu of ShanghaiTech University
PDSA-2023-003	Heap buffer overflow in paddle.trace	< 2.5.0	Tong Liu of ShanghaiTech University
PDSA-2023-002	Null pointer dereference in paddle.flip	< 2.5.0	Tong Liu of ShanghaiTech University
PDSA-2023-001	Use after free in paddle.diagonal	< 2.5.0	Tong Liu of ShanghaiTech University
PDSA-2022-002	Code injection in paddle.audio.functional.get_window	= 2.4.0-rc0	Tong Liu of ShanghaiTech University
PDSA-2022-001	OOB read in gather_tree	< 2.4	Wang Xuan(王旋) of Qihoo 360 AIVul Team

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

PaddlePaddle Security Advisories

Files

README.md

Latest commit

History

README.md

File metadata and controls

PaddlePaddle Security Advisories