Identifier

CVE-2020-15210

Package Slug

pypi/tensorflow-gpu

Vulnerability

Improper Input Validation

Description

If a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption.

Affected Versions

All versions before 1.15.4, all versions starting from 2.0.0 before 2.0.3, all versions starting from 2.1.0 before 2.1.2, all versions starting from 2.2.0 before 2.2.1, all versions starting from 2.3.0 before 2.3.1

Solution

Upgrade to versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, 2.3.1 or above.

Last Modified

2020-10-05

source