Skip to content

Latest commit

 

History

History
36 lines (30 loc) · 5.47 KB

README_ja.md

File metadata and controls

36 lines (30 loc) · 5.47 KB

PaddlePaddle セキュリティ勧告

PaddlePaddle の使用に関するセキュリティ勧告を定期的に発表しています。

: これらのセキュリティ勧告と併せ、PaddlePaddle ユーザーには SECURITY.md に記載されている PaddlePaddle のセキュリティモデルを読み、理解することを強くお勧めします。

アドバイザリー番号 タイプ 対象バージョン 報告者 追加情報
PDSA-2023-023 Command injection in convert_shape_compare < 2.6.0 leeya_bug
PDSA-2023-022 FPE in paddle.argmin and paddle.argmax < 2.6.0 Peng Zhou (zpbrent) from Shanghai University
PDSA-2023-021 Null pointer dereference in paddle.crop < 2.6.0 Peng Zhou (zpbrent) from Shanghai University
PDSA-2023-020 Command injection in _wget_download < 2.6.0 huntr.com
PDSA-2023-019 Command injection in get_online_pass_interval < 2.6.0 huntr.com and leeya_bug
PDSA-2023-018 Heap buffer overflow in paddle.repeat_interleave < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-017 FPE in paddle.amin < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-016 Stack overflow in paddle.linalg.lu_unpack < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-015 FPE in paddle.lerp < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-014 FPE in paddle.topk < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-013 Stack overflow in paddle.searchsorted < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-012 Segfault in paddle.put_along_axis < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-011 Null pointer dereference in paddle.nextafter < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-010 Segfault in paddle.mode < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-009 FPE in paddle.linalg.eig < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-008 Segfault in paddle.dot < 2.6.0 Tong Liu of CAS-IIE
PDSA-2023-007 FPE in paddle.linalg.matrix_rank < 2.6.0 Tong Liu of ShanghaiTech University
PDSA-2023-006 FPE in paddle.nanmedian < 2.6.0 Tong Liu of ShanghaiTech University
PDSA-2023-005 Command injection in fs.py < 2.5.0 Xiaochen Guo from Huazhong University of Science and Technology
PDSA-2023-004 FPE in paddle.linalg.matrix_power < 2.5.0 Tong Liu of ShanghaiTech University
PDSA-2023-003 Heap buffer overflow in paddle.trace < 2.5.0 Tong Liu of ShanghaiTech University
PDSA-2023-002 Null pointer dereference in paddle.flip < 2.5.0 Tong Liu of ShanghaiTech University
PDSA-2023-001 Use after free in paddle.diagonal < 2.5.0 Tong Liu of ShanghaiTech University
PDSA-2022-002 Code injection in paddle.audio.functional.get_window = 2.4.0-rc0 Tong Liu of ShanghaiTech University
PDSA-2022-001 OOB read in gather_tree < 2.4 Wang Xuan(王旋) of Qihoo 360 AIVul Team