CVE-2020-15206: Improper Input Validation
(updated )
In Tensorflow, changing the TensorFlow’s SavedModel
protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-serving
or other inference-as-a-service installments.
References
Detect and mitigate CVE-2020-15206 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →