paddlepaddle@2.5.0rc1 vulnerabilities
Parallel Distributed Deep Learning
-
latest version
2.6.1
-
first published
4 years ago
-
latest version published
2 months ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the paddlepaddle package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
paddlepaddle is a Parallel Distributed Deep Learning Affected versions of this package are vulnerable to External Control of File Name or Path due to improper handling of external input through How to fix External Control of File Name or Path? There is no fixed version for |
[0,)
|
paddlepaddle is a Parallel Distributed Deep Learning Affected versions of this package are vulnerable to Path Traversal due to improper limitation of a pathname to a restricted directory. An attacker can overwrite arbitrary files by submitting a crafted input containing "../" sequences to traverse directories. Notes:
How to fix Path Traversal? Upgrade |
[,2.6.1)
|
paddlepaddle is a Parallel Distributed Deep Learning Affected versions of this package are vulnerable to Command Injection due to improper validation of user-supplied input in the How to fix Command Injection? Upgrade |
[,2.6.1)
|
paddlepaddle is a Parallel Distributed Deep Learning Affected versions of this package are vulnerable to OS Command Injection due to improper input validation in the Note: Depending on the context in which this code is used, this could lead to unauthorized access, data loss, or other potentially harmful consequences. How to fix OS Command Injection? Upgrade |
[,2.6.1)
|
paddlepaddle is a Parallel Distributed Deep Learning Affected versions of this package are vulnerable to Code Injection due to improper validation of user-supplied input. An attacker can execute arbitrary code on the system by sending a crafted request. How to fix Code Injection? Upgrade |
[,2.6.1)
|
paddlepaddle is a Parallel Distributed Deep Learning Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') via the How to fix Improper Control of Generation of Code ('Code Injection')? Upgrade |
[,2.6.0)
|
paddlepaddle is a Parallel Distributed Deep Learning Affected versions of this package are vulnerable to Divide By Zero via the How to fix Divide By Zero? Upgrade |
[,2.6.0)
|
paddlepaddle is a Parallel Distributed Deep Learning Affected versions of this package are vulnerable to OS Command Injection via the How to fix OS Command Injection? Upgrade |
[,2.6.0)
|
paddlepaddle is a Parallel Distributed Deep Learning Affected versions of this package are vulnerable to OS Command Injection via the How to fix OS Command Injection? Upgrade |
[,2.6.0)
|
paddlepaddle is a Parallel Distributed Deep Learning Affected versions of this package are vulnerable to Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') via the How to fix Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')? Upgrade |
[,2.6.0)
|
paddlepaddle is a Parallel Distributed Deep Learning Affected versions of this package are vulnerable to OS Command Injection via the How to fix OS Command Injection? Upgrade |
[,2.6.0)
|
paddlepaddle is a Parallel Distributed Deep Learning Affected versions of this package are vulnerable to Command Injection in How to fix Command Injection? Upgrade |
[,2.5.0)
|