BIT-tensorflow-2023-25659
See a problem?- Import Source
- https://github.com/bitnami/vulndb/tree/main/data/tensorflow/BIT-tensorflow-2023-25659.json
- JSON Data
- https://api.osv.dev/v1/vulns/BIT-tensorflow-2023-25659
- Aliases
- Published
- 2024-03-06T11:09:42.179Z
- Modified
- 2025-05-20T10:02:07.006Z
- Summary
- TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
- Details
-
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter
indicesforDynamicStitchdoes not match the shape of the parameterdata, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. - Database specific
{ "cpes": [ "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*" ], "severity": "High" }- References
Affected packages
Bitnami / tensorflow
Package
- Name
- tensorflow
- Purl
- pkg:bitnami/tensorflow
Severity
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator