BIT-tensorflow-2022-41883

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/tensorflow/BIT-tensorflow-2022-41883.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-tensorflow-2022-41883
Aliases
Published
2024-03-06T11:11:35.699Z
Modified
2025-04-03T14:40:37.652Z
Summary
[none]
Details

TensorFlow is an open source platform for machine learning. When ops that have specified input sizes receive a differing number of inputs, the executor will crash. We have patched the issue in GitHub commit f5381e0e10b5a61344109c1b7c174c68110f7629. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

Database specific
{
    "cpes": [
        "cpe:2.3:a:google:tensorflow:2.10.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:google:tensorflow:2.10.0:rc0:*:*:*:*:*:*",
        "cpe:2.3:a:google:tensorflow:2.10.0:rc1:*:*:*:*:*:*",
        "cpe:2.3:a:google:tensorflow:2.10.0:rc2:*:*:*:*:*:*",
        "cpe:2.3:a:google:tensorflow:2.10.0:rc3:*:*:*:*:*:*",
        "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*"
    ],
    "severity": "High"
}
References

Affected packages

Bitnami / tensorflow

Package

Name
tensorflow
Purl
pkg:bitnami/tensorflow

Severity

  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
2.10.0-rc0
Fixed
2.10.0
Introduced
2.10.0-rc1
Fixed
2.10.0
Introduced
2.10.0-rc2
Fixed
2.10.0
Introduced
2.10.0-rc3
Fixed
2.10.0
Introduced
2.10.0
Fixed
2.10.1