Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A code issue vulnerability exists in Google TensorFlow, which stems from the fact that when a tensor is recovered via the raw API, TensorFlow could be tricked into referencing a null pointer if a tensor name is not provided. An attacker could exploit the vulnerability by providing some tensor names to read memory outside the boundaries of the heap allocation data.
CPE | Name | Operator | Version |
---|---|---|---|
google tensorflow | lt | 2.6.0 | |
google tensorflow | lt | 2.5.1 | |
google tensorflow | lt | 2.4.3 | |
google tensorflow | lt | 2.3.4 |