Safety vulnerability ID: 39902
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 updates its dependency "SQLite" to handle CVE-2020-13435.
Latest version: 2.18.0
TensorFlow is an open source machine learning framework for everyone.
Bug Fixes and Other Changes
* Fixes an undefined behavior causing a segfault in `tf.raw_ops.Switch`
* Fixes three vulnerabilities in conversion to DLPack format
* Fixes two vulnerabilities in `SparseFillEmptyRowsGrad`
* Fixes an integer truncation vulnerability in code using the work sharder API
* Fixes a format string vulnerability in `tf.strings.as_string`
* Fixes segfault raised by calling session-only ops in eager mode
* Fixes data leak and potential ASLR violation from `tf.raw_ops.StringNGrams`
* Fixes segfaults caused by incomplete `SavedModel` validation
* Fixes a data corruption due to a bug in negative indexing support in TFLite
* Fixes a data corruption due to dimension mismatch in TFLite
* Fixes several vulnerabilities in TFLite saved model format
* Fixes several vulnerabilities in TFLite implementation of segment sum
* Updates `sqlite3` to `3.33.00` to handle
* Fixes deprecated usage of `collections` API
* Removes `scipy` dependency from `` since TensorFlow does not need it
to install the pip package
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application