Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/paddlepaddle@2.4.2
purl pkg:pypi/paddlepaddle@2.4.2
Next non-vulnerable version 2.6.1
Latest non-vulnerable version 2.6.1
Risk
Vulnerabilities affecting this package (23)
Vulnerability Summary Fixed by
VCID-17s7-wrdn-ebes
Aliases:
CVE-2023-38675
GHSA-jm68-fpmr-8j2g
PYSEC-2024-130
FPE in paddle.linalg.matrix_rank in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
2.6.0
Affected by 6 other vulnerabilities.
VCID-35qf-2v8r-t3cf
Aliases:
CVE-2023-52308
GHSA-v9pg-qw6x-w5r2
PYSEC-2024-140
FPE in paddle.amin in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
2.6.0
Affected by 6 other vulnerabilities.
VCID-45e3-a2hf-4bh9
Aliases:
CVE-2023-52310
GHSA-j5h9-9r39-43q5
PYSEC-2024-142
PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system.
2.6.0
Affected by 6 other vulnerabilities.
VCID-49pw-ktz7-jfh4
Aliases:
CVE-2023-52305
GHSA-rx2r-q96c-w5cc
PYSEC-2024-137
FPE in paddle.topk in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
2.6.0
Affected by 6 other vulnerabilities.
VCID-5s1z-ubhw-y7af
Aliases:
CVE-2023-38669
PYSEC-2023-122
Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition.
2.5.0
Affected by 18 other vulnerabilities.
VCID-7dca-ch9k-jkb6
Aliases:
CVE-2023-52306
GHSA-rg9q-m8hv-xxr6
PYSEC-2024-138
FPE in paddle.lerp in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
2.6.0
Affected by 6 other vulnerabilities.
VCID-9cbs-47dq-rfca
Aliases:
CVE-2023-52314
GHSA-3cr5-2446-8pg3
PYSEC-2024-146
PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted in the ability to execute arbitrary commands on the operating system.
2.6.0
Affected by 6 other vulnerabilities.
VCID-akmg-8bh1-xufv
Aliases:
CVE-2023-38678
GHSA-mr78-v55p-7777
PYSEC-2024-133
OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
2.6.0
Affected by 6 other vulnerabilities.
VCID-cuna-r55b-rqf3
Aliases:
CVE-2023-38676
GHSA-x3q9-c788-j7c8
PYSEC-2024-131
Nullptr in paddle.dot in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
2.6.0
Affected by 6 other vulnerabilities.
VCID-fbr1-2g6w-tqaa
Aliases:
CVE-2023-52303
GHSA-2wcj-qr76-9768
PYSEC-2024-135
Nullptr in paddle.put_along_axis in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
2.6.0
Affected by 6 other vulnerabilities.
VCID-fd4j-1rre-5ua9
Aliases:
CVE-2023-38677
GHSA-c6ph-m8cw-rfqh
PYSEC-2024-132
FPE in paddle.linalg.eig in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
2.6.0
Affected by 6 other vulnerabilities.
VCID-h7rz-ms5h-huen
Aliases:
CVE-2023-52304
GHSA-4rrv-8gcp-24v8
PYSEC-2024-136
Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.
2.6.0
Affected by 6 other vulnerabilities.
VCID-kcxs-f62a-8fbb
Aliases:
CVE-2023-38673
PYSEC-2023-126
PaddlePaddle before 2.5.0 has a command injection in fs.py. This resulted in the ability to execute arbitrary commands on the operating system.
2.5.0
Affected by 18 other vulnerabilities.
VCID-ndbe-sr54-f3ha
Aliases:
CVE-2023-52309
GHSA-8fp7-jwv2-49x9
PYSEC-2024-141
Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.
2.6.0
Affected by 6 other vulnerabilities.
VCID-nehj-8bwx-qyce
Aliases:
CVE-2023-38674
GHSA-xjpw-hx47-rccv
PYSEC-2024-129
FPE in paddle.nanmedian in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
2.6.0
Affected by 6 other vulnerabilities.
VCID-nvts-nkrt-7ybs
Aliases:
CVE-2023-38671
PYSEC-2023-124
Heap buffer overflow in paddle.trace in PaddlePaddle before 2.5.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.
2.5.0
Affected by 18 other vulnerabilities.
VCID-pt8v-dqvj-yue7
Aliases:
CVE-2023-52302
GHSA-547m-23x7-cxg5
PYSEC-2024-134
Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
2.6.0
Affected by 6 other vulnerabilities.
VCID-pyt1-w4bk-x7cb
Aliases:
CVE-2023-52311
GHSA-rf7p-79xq-8xwm
PYSEC-2024-143
PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating system.
2.6.0
Affected by 6 other vulnerabilities.
VCID-s51x-rhes-73h1
Aliases:
CVE-2023-52312
GHSA-qppw-c37g-xwcc
PYSEC-2024-144
Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
2.6.0
Affected by 6 other vulnerabilities.
2.6.1
Affected by 0 other vulnerabilities.
VCID-sshq-1n66-uugm
Aliases:
CVE-2023-52307
GHSA-g57v-2687-jx33
PYSEC-2024-139
Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.
2.6.0
Affected by 6 other vulnerabilities.
VCID-swfm-bfvg-quft
Aliases:
CVE-2023-38670
PYSEC-2023-123
Null pointer dereference in paddle.flip in PaddlePaddle before 2.5.0. This resulted in a runtime crash and denial of service.
2.5.0
Affected by 18 other vulnerabilities.
VCID-vwp3-2fev-3qaz
Aliases:
CVE-2023-38672
PYSEC-2023-125
FPE in paddle.trace in PaddlePaddle before 2.5.0. This flaw can cause a runtime crash and a denial of service.
2.5.0
Affected by 18 other vulnerabilities.
VCID-z3ar-bcd5-gya8
Aliases:
CVE-2023-52313
GHSA-275c-w5mq-v5m2
PYSEC-2024-145
FPE in paddle.argmin and paddle.argmax in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
2.6.0
Affected by 6 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-02T04:20:34.116658+00:00 Pypa Importer Affected by VCID-nehj-8bwx-qyce https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-129.yaml 38.6.0
2026-06-02T04:20:34.043077+00:00 Pypa Importer Affected by VCID-45e3-a2hf-4bh9 https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-142.yaml 38.6.0
2026-06-02T04:20:33.966949+00:00 Pypa Importer Affected by VCID-9cbs-47dq-rfca https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-146.yaml 38.6.0
2026-06-02T04:20:33.892776+00:00 Pypa Importer Affected by VCID-fbr1-2g6w-tqaa https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-135.yaml 38.6.0
2026-06-02T04:20:33.811336+00:00 Pypa Importer Affected by VCID-s51x-rhes-73h1 https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-144.yaml 38.6.0
2026-06-02T04:20:33.733695+00:00 Pypa Importer Affected by VCID-17s7-wrdn-ebes https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-130.yaml 38.6.0
2026-06-02T04:20:33.652705+00:00 Pypa Importer Affected by VCID-z3ar-bcd5-gya8 https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-145.yaml 38.6.0
2026-06-02T04:20:33.576686+00:00 Pypa Importer Affected by VCID-pt8v-dqvj-yue7 https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-134.yaml 38.6.0
2026-06-02T04:20:33.501828+00:00 Pypa Importer Affected by VCID-h7rz-ms5h-huen https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-136.yaml 38.6.0
2026-06-02T04:20:33.425457+00:00 Pypa Importer Affected by VCID-pyt1-w4bk-x7cb https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-143.yaml 38.6.0
2026-06-02T04:20:33.348029+00:00 Pypa Importer Affected by VCID-35qf-2v8r-t3cf https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-140.yaml 38.6.0
2026-06-02T04:20:33.272691+00:00 Pypa Importer Affected by VCID-ndbe-sr54-f3ha https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-141.yaml 38.6.0
2026-06-02T04:20:33.197543+00:00 Pypa Importer Affected by VCID-cuna-r55b-rqf3 https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-131.yaml 38.6.0
2026-06-02T04:20:33.120817+00:00 Pypa Importer Affected by VCID-sshq-1n66-uugm https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-139.yaml 38.6.0
2026-06-02T04:20:33.046058+00:00 Pypa Importer Affected by VCID-7dca-ch9k-jkb6 https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-138.yaml 38.6.0
2026-06-02T04:20:32.970328+00:00 Pypa Importer Affected by VCID-fd4j-1rre-5ua9 https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-132.yaml 38.6.0
2026-06-02T04:20:32.893786+00:00 Pypa Importer Affected by VCID-akmg-8bh1-xufv https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-133.yaml 38.6.0
2026-06-02T04:20:32.816653+00:00 Pypa Importer Affected by VCID-49pw-ktz7-jfh4 https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2024-137.yaml 38.6.0
2026-06-02T04:19:13.552430+00:00 Pypa Importer Affected by VCID-kcxs-f62a-8fbb https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2023-126.yaml 38.6.0
2026-06-02T04:19:13.441966+00:00 Pypa Importer Affected by VCID-vwp3-2fev-3qaz https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2023-125.yaml 38.6.0
2026-06-02T04:19:13.327948+00:00 Pypa Importer Affected by VCID-swfm-bfvg-quft https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2023-123.yaml 38.6.0
2026-06-02T04:19:13.206925+00:00 Pypa Importer Affected by VCID-nvts-nkrt-7ybs https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2023-124.yaml 38.6.0
2026-06-02T04:19:13.082673+00:00 Pypa Importer Affected by VCID-5s1z-ubhw-y7af https://github.com/pypa/advisory-database/blob/main/vulns/paddlepaddle/PYSEC-2023-122.yaml 38.6.0