2024-01-03 08:15:52
Baidu
PUBLISHED
PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted in the ability to execute arbitrary commands on the operating system.