security/README.md: 27 additions & 9 deletions
@@ -7,12 +7,30 @@ We regularly publish security advisories about using PaddlePaddle.
7
7
*Note*: In conjunction with these security advisories, we strongly encourage PaddlePaddle users to read and understand PaddlePaddle's security model as outlined in [SECURITY.md](../SECURITY.md).
8
8
9
9
10
-
| Advisory Number | Type | Versions affected | Reported by | Additional Information |
|[PDSA-2023-005](./advisory/pdsa-2023-005.md)| Command injection in fs.py | < 2.5.0 | Xiaochen Guo from Huazhong University of Science and Technology ||
13
-
|[PDSA-2023-004](./advisory/pdsa-2023-004.md)| FPE in paddle.linalg.matrix_power | < 2.5.0 | Tong Liu of ShanghaiTech University ||
14
-
|[PDSA-2023-003](./advisory/pdsa-2023-003.md)| Heap buffer overflow in paddle.trace | < 2.5.0 | Tong Liu of ShanghaiTech University ||
15
-
|[PDSA-2023-002](./advisory/pdsa-2023-002.md)| Null pointer dereference in paddle.flip | < 2.5.0 | Tong Liu of ShanghaiTech University ||
16
-
|[PDSA-2023-001](./advisory/pdsa-2023-001.md)| Use after free in paddle.diagonal | < 2.5.0 | Tong Liu of ShanghaiTech University ||
17
-
|[PDSA-2022-002](./advisory/pdsa-2022-002.md)| Code injection in paddle.audio.functional.get_window | = 2.4.0-rc0 | Tong Liu of ShanghaiTech University ||
18
-
|[PDSA-2022-001](./advisory/pdsa-2022-001.md)| OOB read in gather_tree | < 2.4 | Wang Xuan(王旋) of Qihoo 360 AIVul Team ||
10
+
| Advisory Number | Type | Versions affected | Reported by | Additional Information |
|[PDSA-2023-018](./advisory/pdsa-2023-018.md)| Heap buffer overflow in paddle.repeat_interleave | < 2.6.0 | Tong Liu of CAS-IIE ||
18
+
|[PDSA-2023-017](./advisory/pdsa-2023-017.md)| FPE in paddle.amin | < 2.6.0 | Tong Liu of CAS-IIE ||
19
+
|[PDSA-2023-016](./advisory/pdsa-2023-016.md)| Stack overflow in paddle.linalg.lu_unpack | < 2.6.0 | Tong Liu of CAS-IIE ||
20
+
|[PDSA-2023-015](./advisory/pdsa-2023-015.md)| FPE in paddle.lerp | < 2.6.0 | Tong Liu of CAS-IIE ||
21
+
|[PDSA-2023-014](./advisory/pdsa-2023-014.md)| FPE in paddle.topk | < 2.6.0 | Tong Liu of CAS-IIE ||
22
+
|[PDSA-2023-013](./advisory/pdsa-2023-013.md)| Stack overflow in paddle.searchsorted | < 2.6.0 | Tong Liu of CAS-IIE ||
23
+
|[PDSA-2023-012](./advisory/pdsa-2023-012.md)| Segfault in paddle.put_along_axis | < 2.6.0 | Tong Liu of CAS-IIE ||
24
+
|[PDSA-2023-011](./advisory/pdsa-2023-011.md)| Null pointer dereference in paddle.nextafter | < 2.6.0 | Tong Liu of CAS-IIE ||
25
+
|[PDSA-2023-010](./advisory/pdsa-2023-010.md)| Segfault in paddle.mode | < 2.6.0 | Tong Liu of CAS-IIE ||
26
+
|[PDSA-2023-009](./advisory/pdsa-2023-009.md)| FPE in paddle.linalg.eig | < 2.6.0 | Tong Liu of CAS-IIE ||
27
+
|[PDSA-2023-008](./advisory/pdsa-2023-008.md)| Segfault in paddle.dot | < 2.6.0 | Tong Liu of CAS-IIE ||
28
+
|[PDSA-2023-007](./advisory/pdsa-2023-007.md)| FPE in paddle.linalg.matrix_rank | < 2.6.0 | Tong Liu of ShanghaiTech University ||
29
+
|[PDSA-2023-006](./advisory/pdsa-2023-006.md)| FPE in paddle.nanmedian | < 2.6.0 | Tong Liu of ShanghaiTech University ||
30
+
|[PDSA-2023-005](./advisory/pdsa-2023-005.md)| Command injection in fs.py | < 2.5.0 | Xiaochen Guo from Huazhong University of Science and Technology ||
31
+
|[PDSA-2023-004](./advisory/pdsa-2023-004.md)| FPE in paddle.linalg.matrix_power | < 2.5.0 | Tong Liu of ShanghaiTech University ||
32
+
|[PDSA-2023-003](./advisory/pdsa-2023-003.md)| Heap buffer overflow in paddle.trace | < 2.5.0 | Tong Liu of ShanghaiTech University ||
33
+
|[PDSA-2023-002](./advisory/pdsa-2023-002.md)| Null pointer dereference in paddle.flip | < 2.5.0 | Tong Liu of ShanghaiTech University ||
34
+
|[PDSA-2023-001](./advisory/pdsa-2023-001.md)| Use after free in paddle.diagonal | < 2.5.0 | Tong Liu of ShanghaiTech University ||
35
+
|[PDSA-2022-002](./advisory/pdsa-2022-002.md)| Code injection in paddle.audio.functional.get_window | = 2.4.0-rc0 | Tong Liu of ShanghaiTech University ||
36
+
|[PDSA-2022-001](./advisory/pdsa-2022-001.md)| OOB read in gather_tree | < 2.4 | Wang Xuan(王旋) of Qihoo 360 AIVul Team ||
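Review bot: The header row and the seven existing rows (PDSA-2022-001 through PDSA-2023-005) are removed and re-added with the same visible text, so the diff does not make clear that only PDSA-2023-006 through PDSA-2023-018 are new. If the rewrite of those rows is a whitespace or padding change, say so in the commit message; otherwise leave them untouched and insert only the thirteen new rows above the PDSA-2023-005 row, which keeps the advisory index easy to audit.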
|[PDSA-2023-005](./advisory/pdsa-2023-005_cn.md)| Command injection in fs.py | < 2.5.0 | Xiaochen Guo from Huazhong University of Science and Technology ||
13
-
|[PDSA-2023-004](./advisory/pdsa-2023-004_cn.md)| FPE in paddle.linalg.matrix_power | < 2.5.0 | Tong Liu of ShanghaiTech University ||
14
-
|[PDSA-2023-003](./advisory/pdsa-2023-003_cn.md)| Heap buffer overflow in paddle.trace | < 2.5.0 | Tong Liu of ShanghaiTech University ||
15
-
|[PDSA-2023-002](./advisory/pdsa-2023-002_cn.md)| Null pointer dereference in paddle.flip | < 2.5.0 | Tong Liu of ShanghaiTech University ||
16
-
|[PDSA-2023-001](./advisory/pdsa-2023-001_cn.md)| Use after free in paddle.diagonal | < 2.5.0 | Tong Liu of ShanghaiTech University ||
17
-
|[PDSA-2022-002](./advisory/pdsa-2022-002_cn.md)| Code injection in paddle.audio.functional.get_window | = 2.4.0-rc0 | Tong Liu of ShanghaiTech University ||
18
-
|[PDSA-2022-001](./advisory/pdsa-2022-001_cn.md)| OOB read in gather_tree | < 2.4 | Wang Xuan(王旋) of Qihoo 360 AIVul Team ||
|[PDSA-2023-018](./advisory/pdsa-2023-018_cn.md)| Heap buffer overflow in paddle.repeat_interleave | < 2.6.0 | Tong Liu of CAS-IIE ||
18
+
|[PDSA-2023-017](./advisory/pdsa-2023-017_cn.md)| FPE in paddle.amin | < 2.6.0 | Tong Liu of CAS-IIE ||
19
+
|[PDSA-2023-016](./advisory/pdsa-2023-016_cn.md)| Stack overflow in paddle.linalg.lu_unpack | < 2.6.0 | Tong Liu of CAS-IIE ||
20
+
|[PDSA-2023-015](./advisory/pdsa-2023-015_cn.md)| FPE in paddle.lerp | < 2.6.0 | Tong Liu of CAS-IIE ||
21
+
|[PDSA-2023-014](./advisory/pdsa-2023-014_cn.md)| FPE in paddle.topk | < 2.6.0 | Tong Liu of CAS-IIE ||
22
+
|[PDSA-2023-013](./advisory/pdsa-2023-013_cn.md)| Stack overflow in paddle.searchsorted | < 2.6.0 | Tong Liu of CAS-IIE ||
23
+
|[PDSA-2023-012](./advisory/pdsa-2023-012_cn.md)| Segfault in paddle.put_along_axis | < 2.6.0 | Tong Liu of CAS-IIE ||
24
+
|[PDSA-2023-011](./advisory/pdsa-2023-011_cn.md)| Null pointer dereference in paddle.nextafter | < 2.6.0 | Tong Liu of CAS-IIE ||
25
+
|[PDSA-2023-010](./advisory/pdsa-2023-010_cn.md)| Segfault in paddle.mode | < 2.6.0 | Tong Liu of CAS-IIE ||
26
+
|[PDSA-2023-009](./advisory/pdsa-2023-009_cn.md)| FPE in paddle.linalg.eig | < 2.6.0 | Tong Liu of CAS-IIE ||
27
+
|[PDSA-2023-008](./advisory/pdsa-2023-008_cn.md)| Segfault in paddle.dot | < 2.6.0 | Tong Liu of CAS-IIE ||
28
+
|[PDSA-2023-007](./advisory/pdsa-2023-007_cn.md)| FPE in paddle.linalg.matrix_rank | < 2.6.0 | Tong Liu of ShanghaiTech University ||
29
+
|[PDSA-2023-006](./advisory/pdsa-2023-006_cn.md)| FPE in paddle.nanmedian | < 2.6.0 | Tong Liu of ShanghaiTech University ||
30
+
|[PDSA-2023-005](./advisory/pdsa-2023-005_cn.md)| Command injection in fs.py | < 2.5.0 | Xiaochen Guo from Huazhong University of Science and Technology ||
31
+
|[PDSA-2023-004](./advisory/pdsa-2023-004_cn.md)| FPE in paddle.linalg.matrix_power | < 2.5.0 | Tong Liu of ShanghaiTech University ||
32
+
|[PDSA-2023-003](./advisory/pdsa-2023-003_cn.md)| Heap buffer overflow in paddle.trace | < 2.5.0 | Tong Liu of ShanghaiTech University ||
33
+
|[PDSA-2023-002](./advisory/pdsa-2023-002_cn.md)| Null pointer dereference in paddle.flip | < 2.5.0 | Tong Liu of ShanghaiTech University ||
34
+
|[PDSA-2023-001](./advisory/pdsa-2023-001_cn.md)| Use after free in paddle.diagonal | < 2.5.0 | Tong Liu of ShanghaiTech University ||
35
+
|[PDSA-2022-002](./advisory/pdsa-2022-002_cn.md)| Code injection in paddle.audio.functional.get_window | = 2.4.0-rc0 | Tong Liu of ShanghaiTech University ||
36
+
|[PDSA-2022-001](./advisory/pdsa-2022-001_cn.md)| OOB read in gather_tree | < 2.4 | Wang Xuan(王旋) of Qihoo 360 AIVul Team ||
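Review bot: The "Reported by" cell changes affiliation for the same reporter name partway through the new rows: PDSA-2023-006 and PDSA-2023-007 credit "Tong Liu of ShanghaiTech University", while PDSA-2023-008 through PDSA-2023-018 credit "Tong Liu of CAS-IIE". Please confirm the split is intended and matches the credit given in each linked advisory file, and expand CAS-IIE once, since the abbreviation is not defined in the visible lines. The same point applies to the matching rows in the first table, and the thirteen new `_cn.md` link targets should be checked to exist alongside this index change.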