CVE-2023-27579

Incorrect Comparison in pypi/tensorflow

Identifiers

CVE-2023-27579, GHSA-5w96-866f-6rm8

Package Slug

pypi/tensorflow

Vulnerability

Incorrect Comparison

Description

TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater filter_input_channel of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1.

Affected Versions

All versions before 2.11.1

Solution

Upgrade to version 2.11.1 or above.

Last Modified

2023-03-27

source