Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-fzzq-2t1q-p7fa
Vulnerability ID VCID-fzzq-2t1q-p7fa
Aliases CVE-2024-0818
GHSA-2rp8-hff9-c5wr
Summary PaddlePaddle Path Traversal vulnerability Arbitrary File Overwrite Via Path Traversal in paddlepaddle/paddle before 2.6
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
There are no known severity scores.
Reference id Reference type URL
https://github.com/PaddlePaddle/Paddle
https://github.com/PaddlePaddle/Paddle/commit/5c50d1a8b97b310cbc36560ec36d8377d6f29d7c
https://huntr.com/bounties/85b06a1b-ac0b-4096-a06d-330891570cd9
CVE-2024-0818 https://nvd.nist.gov/vuln/detail/CVE-2024-0818
GHSA-2rp8-hff9-c5wr https://github.com/advisories/GHSA-2rp8-hff9-c5wr
No exploits are available.
There are no known vectors.

No EPSS data available for this vulnerability.

Date Actor Action Source VulnerableCode Version
2026-06-02T04:47:19.167270+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/paddlepaddle/CVE-2024-0818.yml 38.6.0