2024-01-03 08:15:04
Baidu
PUBLISHED
PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating system.