CVE-2023-25660

🗓️ 25 Mar 2023 00:07:15Reported by GitHub_MType

TensorFlow 2.12.0 and 2.11.1 prior versions allow for nullptr reference leading to seg fault. Fix included in 2.12 and 2.11.1

Reporter	Title	Published	Views	Family All 22
OSV	TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`	24 Mar 202321:58	–	osv
OSV	CVE-2023-25660	25 Mar 202300:15	–	osv
OSV	BIT-tensorflow-2023-25660	6 Mar 202411:09	–	osv
Cvelist	CVE-2023-25660 TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`	24 Mar 202323:44	–	cvelist
Prion	Stack overflow	25 Mar 202300:15	–	prion
NVD	CVE-2023-25660	25 Mar 202300:15	–	nvd
CBLMariner	CVE-2023-25660 affecting package tensorflow for versions less than 2.11.1-1	15 Oct 202308:09	–	cbl_mariner
CBLMariner	CVE-2023-25660 affecting package tensorflow for versions less than 2.11.1-1	31 Jan 202516:08	–	cbl_mariner
Veracode	Denial Of Service (DoS)	29 Mar 202305:35	–	veracode
Github Security Blog	TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`	24 Mar 202321:58	–	github

Nvd

Vulners

Node

google tensorflowRange<2.12.0

[
  {
    "vendor": "tensorflow",
    "product": "tensorflow",
    "versions": [
      {
        "version": "< 2.1.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj
github	www.github.com/tensorflow/tensorflow/commit/6d423b8bcc9aa9f5554dc988c1c16d038b508df1

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Mar 2023 00:15Current

7.4High risk

Vulners AI Score7.4

CVSS37.5

EPSS0.00136

SSVC

CWE-476