CVE-2021-29607: Improper Check for Unusual or Exceptional Conditions
(updated )
TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in SparseAdd
results in allowing attackers to exploit undefined behavior (dereferencing null pointers) as well as write outside of bounds of heap allocated data.
References
- github.com/advisories/GHSA-gv26-jpj9-c8gq
- github.com/tensorflow/tensorflow/commit/ba6822bd7b7324ba201a28b2f278c29a98edbef2
- github.com/tensorflow/tensorflow/commit/f6fde895ef9c77d848061c0517f19d0ec2682f3a
- github.com/tensorflow/tensorflow/security/advisories/GHSA-gv26-jpj9-c8gq
- nvd.nist.gov/vuln/detail/CVE-2021-29607
Detect and mitigate CVE-2021-29607 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →