CVE-2020-15192: Improper Input Validation
(updated )
In Tensorflow, if a user passes a list of strings to dlpack.to_dlpack
there is a memory leak following an expected validation failure. The issue occurs because the status
argument during validation failures is not properly checked. Since each of the above methods can return an error status, the status
value must be checked before continuing.
References
Detect and mitigate CVE-2020-15192 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →