Lucene search
HistoryMar 25, 2023 - 12:15 a.m.
CVE-2023-25672
tensorflow
machine learning
npe fix
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
8.5
Confidence
High
EPSS
0.001
Percentile
37.9%
TensorFlow is an open source platform for machine learning. The function tf.raw_ops.LookupTableImportV2 cannot handle scalars in the values parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
Affected configurations
Node
googletensorflowRange<2.12.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tensorflow | * | cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:* |
Related
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in TensorFlow (CVE-2023-25672)
2023-06-28 20:23:33
veracode
veracode
Denial Of Service (DoS)
2023-03-30 09:38:18
prion
prion
Stack overflow
2023-03-25 00:15:00
cvelist
cvelist
CVE-2023-25672 TensorFlow has Null Pointer Error in LookupTableImportV2
2023-03-24 23:31:05
cve
cve
CVE-2023-25672
2023-03-25 00:15:07
osv
osv
CVE-2023-25672
2023-03-25 00:15:07
TensorFlow has Null Pointer Error in LookupTableImportV2
2023-03-24 21:54:55
BIT-tensorflow-2023-25672
2024-03-06 11:07:54
cbl_mariner
cbl_mariner
CVE-2023-25672 affecting package tensorflow for versions less than 2.11.1-1
2024-09-28 21:12:13
github
github
TensorFlow has Null Pointer Error in LookupTableImportV2
2023-03-24 21:54:55
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
8.5
Confidence
High
EPSS
0.001
Percentile
37.9%
Related for NVD:CVE-2023-25672