CVE-2021-41225

Use of Uninitialized Resource in pypi/tensorflow

Identifiers

CVE-2021-41225, GHSA-7r94-xv9v-63jw

Package Slug

pypi/tensorflow

Vulnerability

Use of Uninitialized Resource

Description

TensorFlow is an open source platform for machine learning.If the train_nodes vector (obtained from the saved model that gets optimized) does not contain a Dequeue node, then dequeue_node is left unitialized.

Affected Versions

All versions starting from 2.4.0 before 2.4.4, all versions starting from 2.5.0 before 2.5.2, all versions starting from 2.6.0 before 2.6.1, version 2.7.0

Solution

Upgrade to versions 2.4.4, 2.5.2, 2.6.1 or above.

Last Modified

2021-11-11

source