[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CVE-2021-37666 log

Source
Severity Low
Remote No
Type Insufficient validation
Description
In TensorFlow before version 2.6.0 an attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.RaggedTensorToVariant. The implementation has an incomplete validation of the splits values, missing the case when the argument would be empty.
Group Package Affected Fixed Severity Status Ticket
AVG-2292 tensorflow 2.5.0-6 2.5.1-1 Critical Fixed
References
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w4xf-2pqw-5mq7
https://github.com/tensorflow/tensorflow/commit/be7a4de6adfbd303ce08be4332554dff70362612