CVE-2021-41202: Incorrect Conversion between Numeric Types
(updated )
TensorFlow is an open source platform for machine learning. there is a conditional statement of type int64 = condition ? int64 : double
. Due to C++ implicit conversion rules, both branches of the condition will be cast to double
and the result would be truncated before the assignment.
References
Detect and mitigate CVE-2021-41202 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →