CVE-2022-46741

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions PaddlePaddle versions prior to 2.4

Description The issue is an out-of-bounds read in the gather tree function. This problem affects PaddlePaddle versions before 2.4. A patch for this issue is available in the release/2.4 branch.

Recommendations For versions prior to 2.4, update to version 2.4 or later to resolve the issue. As a temporary workaround, consider disabling the gather tree function until a patch is available.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2022-46741

GHSA-2HVC-HWG3-HPVW

Affected Products

Paddlepaddle

CVE-2022-46741

Weakness Enumeration

Related Identifiers

Affected Products

References · 9