CVE-2021-41227

Out-of-bounds Read in pypi/tensorflow

Identifiers

CVE-2021-41227, GHSA-j8c8-67vp-6mx7

Package Slug

pypi/tensorflow

Vulnerability

Out-of-bounds Read

Description

TensorFlow is an open source platform for machine learning.This is because the tstring TensorFlow string class has a special case for memory mapped strings but the operation itself does not offer any support for this datatype.

Affected Versions

All versions starting from 2.4.0 before 2.4.4, all versions starting from 2.5.0 before 2.5.2, all versions starting from 2.6.0 before 2.6.1, version 2.7.0

Solution

Upgrade to versions 2.4.4, 2.5.2, 2.6.1 or above.

Last Modified

2021-11-11

source