Scan free
CRITICALCVE-2024-0818CVSS 9.1

CVE-2024-0818: Path Traversal in PaddlePaddle

Platform

python

Component

paddlepaddle/paddle

Fixed in

2.6

AI Confidence: highNVDEPSS 0.3%Reviewed: May 2026
View on NVD
Save

CVE-2024-0818 is a critical Path Traversal vulnerability affecting PaddlePaddle versions prior to 2.6. This flaw allows attackers to overwrite arbitrary files on the system, potentially leading to complete system compromise. The vulnerability was published on March 7, 2024, and a fix is available in version 2.6.

Python

Detect this CVE in your project

Upload your requirements.txt file and we'll tell you instantly if you're affected.

Upload requirements.txtSupported formats: requirements.txt · Pipfile.lock

Impact and Attack Scenarios

The core of this vulnerability lies in PaddlePaddle's insufficient validation of user-supplied file paths. An attacker can craft malicious input that bypasses these checks, allowing them to specify a path outside the intended directory. This enables the overwriting of critical system files, configuration files, or even executable code. Successful exploitation could result in remote code execution, data corruption, denial of service, or complete system takeover. The impact is particularly severe given PaddlePaddle's use in machine learning and AI applications, where compromised models or data could have far-reaching consequences.

Exploitation Context

CVE-2024-0818 is currently not listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, but the severity of the vulnerability (CVSS 9.1) suggests a high probability of exploitation if a suitable exploit is developed. The vulnerability's impact on machine learning workflows could make it a target for advanced persistent threat (APT) actors.

Threat Intelligence

Exploit Status

Proof of ConceptUnknown
CISA KEVNO
Internet ExposureHigh

EPSS

0.34% (57% percentile)

CISA SSVC

Exploitationpoc
Automatableyes
Technical Impactpartial

CVSS Vector

THREAT INTELLIGENCE· CVSS 3.1CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H9.1CRITICALAttack VectorNetworkHow the attacker reaches the targetAttack ComplexityLowConditions required to exploitPrivileges RequiredNoneAuthentication level needed to attackUser InteractionNoneWhether a victim must take actionScopeUnchangedImpact beyond the vulnerable componentConfidentialityNoneRisk of sensitive data exposureIntegrityHighRisk of unauthorized data modificationAvailabilityHighRisk of service disruptionnextguardhq.com · CVSS v3.1 Base Score
What do these metrics mean?
Attack Vector
Network — remotely exploitable over the internet. No physical or local access required. Widest attack surface.
Attack Complexity
Low — no special conditions required. Attacker can exploit reliably without depending on rare configurations or timing.
Privileges Required
None — unauthenticated. No login or credentials needed to exploit.
User Interaction
None — attack is automatic and silent. Victim does nothing: no click, no file open.
Scope
Unchanged — impact is limited to the vulnerable component itself.
Confidentiality
None — no confidentiality impact. Attacker cannot read protected data.
Integrity
High — attacker can write, modify, or delete any data: databases, config files, or code.
Availability
High — complete crash or resource exhaustion. Full denial of service.

Affected Software

Componentpaddlepaddle/paddle
Vendorpaddlepaddle
Affected rangeFixed in
unspecified – latest

Weakness Classification (CWE)

CWE-22

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated

Mitigation and Workarounds

The primary mitigation for CVE-2024-0818 is to immediately upgrade to PaddlePaddle version 2.6 or later. If upgrading is not immediately feasible due to compatibility issues or testing requirements, consider implementing strict input validation on file paths within your application code. While not a complete solution, restricting access to sensitive directories and implementing file integrity monitoring can help limit the potential damage. Consider using a Web Application Firewall (WAF) with path traversal protection rules, though this is less effective than patching the underlying vulnerability. After upgrade, confirm by attempting to trigger the vulnerable functionality and verifying that file access is properly restricted.

How to fix

Update the paddlepaddle/paddle library to version 2.6 or higher. This will resolve the arbitrary file overwrite via path traversal vulnerability. You can update using the pip package manager: `pip install paddlepaddle --upgrade`.

CVE Security Newsletter

Vulnerability analysis and critical alerts directly to your inbox.

Frequently asked questions

What is CVE-2024-0818 — Path Traversal in PaddlePaddle?

CVE-2024-0818 is a critical Path Traversal vulnerability in PaddlePaddle versions before 2.6, allowing attackers to overwrite arbitrary files.

Am I affected by CVE-2024-0818 in PaddlePaddle?

If you are using PaddlePaddle versions prior to 2.6, you are potentially affected by this vulnerability.

How do I fix CVE-2024-0818 in PaddlePaddle?

Upgrade to PaddlePaddle version 2.6 or later to resolve this vulnerability. Implement input validation as a temporary workaround.

Is CVE-2024-0818 being actively exploited?

While no active exploitation has been confirmed, the high severity score suggests a potential for exploitation if a suitable exploit is developed.

Where can I find the official PaddlePaddle advisory for CVE-2024-0818?

Refer to the PaddlePaddle security advisory for detailed information and updates: [https://github.com/PaddlePaddle/Paddle/security/advisories/GHSA-9999](https://github.com/PaddlePaddle/Paddle/security/advisories/GHSA-9999)

Is your project affected?

Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.

Scan freeSearch CVEs