CVE-2023-25669

Incorrect Comparison in pypi/tensorflow-cpu

Identifiers

GHSA-rcf8-g8jv-vg6p, CVE-2023-25669

Package Slug

pypi/tensorflow-cpu

Vulnerability

Incorrect Comparison

Description

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for tf.raw_ops.AvgPoolGrad, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Affected Versions

All versions before 2.11.1

Solution

Upgrade to version 2.11.1 or above.

Last Modified

2023-03-27

source