PYSEC-2020-281

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/tensorflow-cpu/PYSEC-2020-281.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2020-281

Aliases

Published

2020-09-25T19:15:00Z

Modified

2023-12-06T01:00:16.699897Z

Summary

[none]

Details

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Hence, the code is prone to heap buffer overflow. If split_values does not end with a value at least num_values then the while loop condition will trigger a read outside of the bounds of split_values once batch_idx grows too large. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.

References

Affected packages

PyPI / tensorflow-cpu

Package

Name: tensorflow-cpu; View open source insights on deps.dev
Purl: pkg:pypi/tensorflow-cpu

Affected ranges

Type: GIT
Repo: https://github.com/tensorflow/tensorflow
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

3cbb917b4714766030b28eba9fb41bb97ce9ee02

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.1

Affected versions

1.*

1.15.0

2.*

2.1.0

2.1.1

2.1.2

2.1.3

2.1.4

2.2.0

2.2.1

2.2.2

2.2.3

2.3.0