Safety vulnerability ID: 53863
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25801: Prior to versions 2.12.0 and 2.11.1, 'nn_ops.fractional_avg_pool_v2' and 'nn_ops.fractional_max_pool_v2' require the first and fourth elements of their parameter 'pooling_ratio' to be equal to 1.0, as pooling on batch and channel dimensions is not supported.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f49c-87jh-g47q
Latest version: 2.16.1
TensorFlow is an open source machine learning framework for everyone.
TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, `nn_ops.fractional_avg_pool_v2` and `nn_ops.fractional_max_pool_v2` require the first and fourth elements of their parameter `pooling_ratio` to be equal to 1.0, as pooling on batch and channel dimensions is not supported. A fix is included in TensorFlow 2.12.0 and 2.11.1. See CVE-2023-25801.
MISC:https://github.com/tensorflow/tensorflow/commit/ee50d1e00f81f62a4517453f721c634bbb478307: https://github.com/tensorflow/tensorflow/commit/ee50d1e00f81f62a4517453f721c634bbb478307
MISC:https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f49c-87jh-g47q: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f49c-87jh-g47q
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application