CVE-2023-25665

NULL Pointer Dereference in pypi/tensorflow

Identifiers

CVE-2023-25665, GHSA-558h-mq8x-7q9g

Package Slug

pypi/tensorflow

Vulnerability

NULL Pointer Dereference

Description

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when SparseSparseMaximum is given invalid sparse tensors as inputs, it can give a null pointer error. A fix is included in TensorFlow version 2.12 and version 2.11.1.

Affected Versions

All versions before 2.12.0

Solution

Upgrade to version 2.12.0 or above.

Last Modified

2023-03-27

source