Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/paddlepaddle@2.1.0
Typepypi
Namespace
Namepaddlepaddle
Version2.1.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.6.1
Latest_non_vulnerable_version2.6.1
Affected_by_vulnerabilities
0
url VCID-5s1z-ubhw-y7af
vulnerability_id VCID-5s1z-ubhw-y7af
summary Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition.
references
0
reference_url https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-001.md
reference_id
reference_type
scores
url https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-001.md
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38669
reference_id CVE-2023-38669
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-38669
fixed_packages
0
url pkg:pypi/paddlepaddle@2.5.0
purl pkg:pypi/paddlepaddle@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17s7-wrdn-ebes
1
vulnerability VCID-35qf-2v8r-t3cf
2
vulnerability VCID-45e3-a2hf-4bh9
3
vulnerability VCID-49pw-ktz7-jfh4
4
vulnerability VCID-7dca-ch9k-jkb6
5
vulnerability VCID-9cbs-47dq-rfca
6
vulnerability VCID-akmg-8bh1-xufv
7
vulnerability VCID-cuna-r55b-rqf3
8
vulnerability VCID-fbr1-2g6w-tqaa
9
vulnerability VCID-fd4j-1rre-5ua9
10
vulnerability VCID-h7rz-ms5h-huen
11
vulnerability VCID-ndbe-sr54-f3ha
12
vulnerability VCID-nehj-8bwx-qyce
13
vulnerability VCID-pt8v-dqvj-yue7
14
vulnerability VCID-pyt1-w4bk-x7cb
15
vulnerability VCID-s51x-rhes-73h1
16
vulnerability VCID-sshq-1n66-uugm
17
vulnerability VCID-z3ar-bcd5-gya8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/paddlepaddle@2.5.0
aliases CVE-2023-38669, PYSEC-2023-122
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5s1z-ubhw-y7af
1
url VCID-kcxs-f62a-8fbb
vulnerability_id VCID-kcxs-f62a-8fbb
summary PaddlePaddle before 2.5.0 has a command injection in fs.py. This resulted in the ability to execute arbitrary commands on the operating system.
references
0
reference_url https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-005.md
reference_id
reference_type
scores
url https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-005.md
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38673
reference_id CVE-2023-38673
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-38673
fixed_packages
0
url pkg:pypi/paddlepaddle@2.5.0
purl pkg:pypi/paddlepaddle@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17s7-wrdn-ebes
1
vulnerability VCID-35qf-2v8r-t3cf
2
vulnerability VCID-45e3-a2hf-4bh9
3
vulnerability VCID-49pw-ktz7-jfh4
4
vulnerability VCID-7dca-ch9k-jkb6
5
vulnerability VCID-9cbs-47dq-rfca
6
vulnerability VCID-akmg-8bh1-xufv
7
vulnerability VCID-cuna-r55b-rqf3
8
vulnerability VCID-fbr1-2g6w-tqaa
9
vulnerability VCID-fd4j-1rre-5ua9
10
vulnerability VCID-h7rz-ms5h-huen
11
vulnerability VCID-ndbe-sr54-f3ha
12
vulnerability VCID-nehj-8bwx-qyce
13
vulnerability VCID-pt8v-dqvj-yue7
14
vulnerability VCID-pyt1-w4bk-x7cb
15
vulnerability VCID-s51x-rhes-73h1
16
vulnerability VCID-sshq-1n66-uugm
17
vulnerability VCID-z3ar-bcd5-gya8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/paddlepaddle@2.5.0
aliases CVE-2023-38673, PYSEC-2023-126
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kcxs-f62a-8fbb
2
url VCID-nvts-nkrt-7ybs
vulnerability_id VCID-nvts-nkrt-7ybs
summary Heap buffer overflow in paddle.trace in PaddlePaddle before 2.5.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.
references
0
reference_url https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-003.md
reference_id
reference_type
scores
url https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-003.md
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38671
reference_id CVE-2023-38671
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-38671
fixed_packages
0
url pkg:pypi/paddlepaddle@2.5.0
purl pkg:pypi/paddlepaddle@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17s7-wrdn-ebes
1
vulnerability VCID-35qf-2v8r-t3cf
2
vulnerability VCID-45e3-a2hf-4bh9
3
vulnerability VCID-49pw-ktz7-jfh4
4
vulnerability VCID-7dca-ch9k-jkb6
5
vulnerability VCID-9cbs-47dq-rfca
6
vulnerability VCID-akmg-8bh1-xufv
7
vulnerability VCID-cuna-r55b-rqf3
8
vulnerability VCID-fbr1-2g6w-tqaa
9
vulnerability VCID-fd4j-1rre-5ua9
10
vulnerability VCID-h7rz-ms5h-huen
11
vulnerability VCID-ndbe-sr54-f3ha
12
vulnerability VCID-nehj-8bwx-qyce
13
vulnerability VCID-pt8v-dqvj-yue7
14
vulnerability VCID-pyt1-w4bk-x7cb
15
vulnerability VCID-s51x-rhes-73h1
16
vulnerability VCID-sshq-1n66-uugm
17
vulnerability VCID-z3ar-bcd5-gya8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/paddlepaddle@2.5.0
aliases CVE-2023-38671, PYSEC-2023-124
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nvts-nkrt-7ybs
3
url VCID-p4dk-geq7-j3b7
vulnerability_id VCID-p4dk-geq7-j3b7
summary Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution.
references
0
reference_url https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2022-002.md
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2022-002.md
fixed_packages
0
url pkg:pypi/paddlepaddle@2.4.0
purl pkg:pypi/paddlepaddle@2.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17s7-wrdn-ebes
1
vulnerability VCID-35qf-2v8r-t3cf
2
vulnerability VCID-45e3-a2hf-4bh9
3
vulnerability VCID-49pw-ktz7-jfh4
4
vulnerability VCID-5s1z-ubhw-y7af
5
vulnerability VCID-7dca-ch9k-jkb6
6
vulnerability VCID-9cbs-47dq-rfca
7
vulnerability VCID-akmg-8bh1-xufv
8
vulnerability VCID-cuna-r55b-rqf3
9
vulnerability VCID-fbr1-2g6w-tqaa
10
vulnerability VCID-fd4j-1rre-5ua9
11
vulnerability VCID-h7rz-ms5h-huen
12
vulnerability VCID-kcxs-f62a-8fbb
13
vulnerability VCID-ndbe-sr54-f3ha
14
vulnerability VCID-nehj-8bwx-qyce
15
vulnerability VCID-nvts-nkrt-7ybs
16
vulnerability VCID-pt8v-dqvj-yue7
17
vulnerability VCID-pyt1-w4bk-x7cb
18
vulnerability VCID-s51x-rhes-73h1
19
vulnerability VCID-sshq-1n66-uugm
20
vulnerability VCID-swfm-bfvg-quft
21
vulnerability VCID-vwp3-2fev-3qaz
22
vulnerability VCID-z3ar-bcd5-gya8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/paddlepaddle@2.4.0
aliases CVE-2022-46742, PYSEC-2022-43063
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p4dk-geq7-j3b7
4
url VCID-swfm-bfvg-quft
vulnerability_id VCID-swfm-bfvg-quft
summary Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0. This resulted in a runtime crash and denial of service.
references
0
reference_url https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-002.md
reference_id
reference_type
scores
url https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-002.md
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38670
reference_id CVE-2023-38670
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-38670
fixed_packages
0
url pkg:pypi/paddlepaddle@2.5.0
purl pkg:pypi/paddlepaddle@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17s7-wrdn-ebes
1
vulnerability VCID-35qf-2v8r-t3cf
2
vulnerability VCID-45e3-a2hf-4bh9
3
vulnerability VCID-49pw-ktz7-jfh4
4
vulnerability VCID-7dca-ch9k-jkb6
5
vulnerability VCID-9cbs-47dq-rfca
6
vulnerability VCID-akmg-8bh1-xufv
7
vulnerability VCID-cuna-r55b-rqf3
8
vulnerability VCID-fbr1-2g6w-tqaa
9
vulnerability VCID-fd4j-1rre-5ua9
10
vulnerability VCID-h7rz-ms5h-huen
11
vulnerability VCID-ndbe-sr54-f3ha
12
vulnerability VCID-nehj-8bwx-qyce
13
vulnerability VCID-pt8v-dqvj-yue7
14
vulnerability VCID-pyt1-w4bk-x7cb
15
vulnerability VCID-s51x-rhes-73h1
16
vulnerability VCID-sshq-1n66-uugm
17
vulnerability VCID-z3ar-bcd5-gya8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/paddlepaddle@2.5.0
aliases CVE-2023-38670, PYSEC-2023-123
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-swfm-bfvg-quft
5
url VCID-vwp3-2fev-3qaz
vulnerability_id VCID-vwp3-2fev-3qaz
summary FPE in paddle.trace in PaddlePaddle before 2.5.0. This flaw can cause a runtime crash and a denial of service.
references
0
reference_url https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-004.md
reference_id
reference_type
scores
url https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-004.md
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38672
reference_id CVE-2023-38672
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-38672
fixed_packages
0
url pkg:pypi/paddlepaddle@2.5.0
purl pkg:pypi/paddlepaddle@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17s7-wrdn-ebes
1
vulnerability VCID-35qf-2v8r-t3cf
2
vulnerability VCID-45e3-a2hf-4bh9
3
vulnerability VCID-49pw-ktz7-jfh4
4
vulnerability VCID-7dca-ch9k-jkb6
5
vulnerability VCID-9cbs-47dq-rfca
6
vulnerability VCID-akmg-8bh1-xufv
7
vulnerability VCID-cuna-r55b-rqf3
8
vulnerability VCID-fbr1-2g6w-tqaa
9
vulnerability VCID-fd4j-1rre-5ua9
10
vulnerability VCID-h7rz-ms5h-huen
11
vulnerability VCID-ndbe-sr54-f3ha
12
vulnerability VCID-nehj-8bwx-qyce
13
vulnerability VCID-pt8v-dqvj-yue7
14
vulnerability VCID-pyt1-w4bk-x7cb
15
vulnerability VCID-s51x-rhes-73h1
16
vulnerability VCID-sshq-1n66-uugm
17
vulnerability VCID-z3ar-bcd5-gya8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/paddlepaddle@2.5.0
aliases CVE-2023-38672, PYSEC-2023-125
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vwp3-2fev-3qaz
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/paddlepaddle@2.1.0