paddlepaddle@2.6.2 vulnerabilities

Parallel Distributed Deep Learning

latest version

3.2.0

first published

5 years ago

latest version published

1 months ago

licenses detected

Apache-2.0
[0,)

View paddlepaddle package health on Snyk Advisor (opens in a new tab)

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the paddlepaddle package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M External Control of File Name or Path paddlepaddle is a Parallel Distributed Deep Learning Affected versions of this package are vulnerable to External Control of File Name or Path due to improper handling of external input through `paddle.vision.ops.read_file`. An attacker can achieve data exfiltration or cause a partial impact on data integrity by injecting malicious input. How to fix External Control of File Name or Path? There is no fixed version for `paddlepaddle`.	[0,)

External Control of File Name or Path

paddlepaddle is a Parallel Distributed Deep Learning

Affected versions of this package are vulnerable to External Control of File Name or Path due to improper handling of external input through paddle.vision.ops.read_file. An attacker can achieve data exfiltration or cause a partial impact on data integrity by injecting malicious input.

How to fix External Control of File Name or Path?

There is no fixed version for paddlepaddle.

[0,)

Go back to all versions of this package