Vulnerabilities > Paddlepaddle > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-12-07 CVE-2022-46741 Out-of-bounds Read vulnerability in Paddlepaddle
Out-of-bounds read in gather_tree in PaddlePaddle before 2.4. 
network
low complexity
paddlepaddle CWE-125
critical
 9.1
9.1
2022-11-26 CVE-2022-45908 Code Injection vulnerability in Paddlepaddle
In PaddlePaddle before 2.4, paddle.audio.functional.get_window is vulnerable to code injection because it calls eval on a user-supplied winstr.
network
low complexity
paddlepaddle CWE-94
critical
 9.8
9.8