Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-jwrc-3v3f-5cq5

GitHub Security Advisory

PaddlePaddle allows arbitrary file read via paddle.vision.ops.read_file

✓ GitHub Reviewed HIGH Has CVE
View on GitHub

Advisory Details

paddlepaddle/paddle 2.6.0 allows arbitrary file read via paddle.vision.ops.read_file.

Affected Packages

PyPI paddlepaddle
Affected versions: 0 (last affected: 2.6.0)

Related CVEs

CVE-2024-1603

Key Information

GHSA ID
GHSA-jwrc-3v3f-5cq5
Published
March 23, 2024 9:30 PM
Last Modified
January 24, 2025 8:18 PM
CVSS Score
7.5 /10
Primary Ecosystem
PyPI
Primary Package
paddlepaddle
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 7, 2025 6:28 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.