tensorflow
package is using the deprecated function tempfile.mktemp()
which is not secure. Because a different process may create a file with this name in the time between the call to mktemp()
and the subsequent attempt to create the file by the first process.
Availability will get effected because of this vulnerability.
Use mkstemp()
instead of tempfile.mktemp()