Lucene search
HistoryJan 03, 2024 - 9:15 a.m.
CVE-2023-52310
paddlepaddle
command injection
vulnerability
operating system
execute arbitrary commands
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.9
Confidence
High
EPSS
0.001
Percentile
29.6%
PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system.
Affected configurations
Node
paddlepaddlepaddlepaddleRange<2.6.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| paddlepaddle | paddlepaddle | * | cpe:2.3:a:paddlepaddle:paddlepaddle:*:*:*:*:*:*:*:* |
Related
github
github
PaddlePaddle command injection in get_online_pass_interval
2024-01-03 09:30:33
cvelist
cvelist
CVE-2023-52310 Command injection in get_online_pass_interval
2024-01-03 08:14:55
osv
osv
PaddlePaddle command injection in get_online_pass_interval
2024-01-03 09:30:33
CVE-2023-52310
2024-01-03 09:15:10
cve
cve
CVE-2023-52310
2024-01-03 09:15:10
prion
prion
Command injection
2024-01-03 09:15:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.9
Confidence
High
EPSS
0.001
Percentile
29.6%
Related for NVD:CVE-2023-52310