Safety vulnerability ID: 58233
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Tensorflow-rocm-enhanced 2.3.1 includes a fix for CVE-2020-15201: In Tensorflow before version 2.3.1, the "RaggedCountSparseOutput" implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the "splits" tensor generate a valid partitioning of the "values" tensor. Hence, the code is prone to heap buffer overflow. If "split_values" does not end with a value at least "num_values" then the "while" loop condition will trigger a read outside of the bounds of "split_values" once "batch_idx" grows too large. The issue was patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-p5f8-gfw5-33w4
Latest version: 2.4.3
TensorFlow is an open source machine learning framework for everyone.
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application