CVE-2021-41213: Improper Locking
(updated )
TensorFlow is an open source platform for machine learning.This occurs due to using a non-reentrant Lock
Python object. Loading any model which contains mutually recursive functions is vulnerable. An attacker can cause denial of service by causing users to load such models and calling a recursive tf.function
, although this is not a frequent scenario.
References
Detect and mitigate CVE-2021-41213 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →