CVE-2023-38674
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Jan 3, 2024
Updated: Jan 5, 2024
CWE ID 369
Summary
CVE-2023-38674 is a vulnerability affecting the PaddlePaddle library before version 2.6.0. The issue lies in the 'paddle.nanmedian' function, which contains a Floating Point Exception (FPE) that can induce a runtime crash. An attacker can exploit this flaw to cause a denial of service (DoS) by triggering the FPE, making it essential for users to update to the latest version of PaddlePaddle to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share