CVE-2023-25665

NULL Pointer Dereference in pypi/tensorflow-cpu

Identifiers

GHSA-558h-mq8x-7q9g, CVE-2023-25665

Package Slug

pypi/tensorflow-cpu

Vulnerability

NULL Pointer Dereference

Description

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when SparseSparseMaximum is given invalid sparse tensors as inputs, it can give a null pointer error. A fix is included in TensorFlow version 2.12 and version 2.11.1.

Affected Versions

All versions before 2.11.1

Solution

Upgrade to version 2.11.1 or above.

Last Modified

2023-03-27

source