CVE-2021-41222

Improper Restriction of Operations within the Bounds of a Memory Buffer in pypi/tensorflow

Identifiers

CVE-2021-41222, GHSA-cpf4-wx82-gxp6

Package Slug

pypi/tensorflow

Vulnerability

Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

TensorFlow is an open source platform for machine learning.This occurs whenever size_splits contains more than one value and at least one value is negative.

Affected Versions

All versions starting from 2.4.0 before 2.4.4, all versions starting from 2.5.0 before 2.5.2, all versions starting from 2.6.0 before 2.6.1, version 2.7.0

Solution

Upgrade to versions 2.4.4, 2.5.2, 2.6.1 or above.

Last Modified

2021-11-11

source