Safety vulnerability ID: 56865
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Intel-tensorflow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37676: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.SparseFillEmptyRows'. The shape inference implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/ops/sparse_ops.cc#L608-L634) does not validate that the input arguments are not empty tensors. The Tensorflow team has patched the issue in GitHub commit 578e634b4f1c1c684d4b4294f9e5281b2133b3ed.
Latest version: 2.14.0
TensorFlow is an open source machine learning framework for everyone.
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application