CVE-2023-52306

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 3, 2024
Updated: Jan 5, 2024
CWE ID 369

Summary

CVE-2023-52306, a high-severity vulnerability, affects the PaddlePaddle software versions before 2.6.0. This flaw in the paddle.lerp function can potentially lead to a runtime crash and denial of service. The vulnerability is categorized under CWE-369 (Divide By Zero) and has a base score of 7.5 according to NIST. It does not require any privileges or user interaction to exploit and can be exploited over the network. Although the impact on confidentiality and integrity is none, it poses a high risk to availability. To remediate the vulnerability, organizations should update their PaddlePaddle software to version 2.6.0 or later.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-52306 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options