Out-of-Bounds Read in PaddlePaddle by PaddlePaddle
CVE-2022-46741

7.1HIGH

Key Information:

Vendor: Paddlepaddle
Status: Paddlepaddle
Vendor: CVE Published:; 7 December 2022

🔔 Create Paddlepaddle Vulnerability Alert

What is CVE-2022-46741?

An out-of-bounds read vulnerability in the 'gather_tree' function of PaddlePaddle may potentially expose sensitive data or lead to unexpected behaviors. This issue impacts versions of PaddlePaddle released prior to 2.4. Users are advised to update their installations to mitigate potential security risks. For further details, refer to the official security advisory available at PaddlePaddle's GitHub repository.

Affected Version(s)

PaddlePaddle 0 < 2.4

References

https://github.com/PaddlePaddle/Paddle/blob/develop/secur...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 7, 2022
Vulnerability Reserved
Dec 7, 2022

CVE-2022-46741 Data

JSON