Lucene search
GoogleOSV:CVE-2023-25672HistoryMar 25, 2023 - 12:15 a.m.
CVE-2023-25672
2023-03-2500:15:07
Google
osv.dev
8
tensorflow
machine learning
vulnerability
fix
version 2.12.0
version 2.11.1
scalar parameter
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
37.9%
TensorFlow is an open source platform for machine learning. The function tf.raw_ops.LookupTableImportV2 cannot handle scalars in the values parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
Related
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in TensorFlow (CVE-2023-25672)
2023-06-28 20:23:33
veracode
veracode
Denial Of Service (DoS)
2023-03-30 09:38:18
prion
prion
Stack overflow
2023-03-25 00:15:00
cvelist
cvelist
CVE-2023-25672 TensorFlow has Null Pointer Error in LookupTableImportV2
2023-03-24 23:31:05
nvd
nvd
CVE-2023-25672
2023-03-25 00:15:07
cve
cve
CVE-2023-25672
2023-03-25 00:15:07
cbl_mariner
cbl_mariner
CVE-2023-25672 affecting package tensorflow for versions less than 2.11.1-1
2024-09-28 21:12:13
osv
osv
TensorFlow has Null Pointer Error in LookupTableImportV2
2023-03-24 21:54:55
BIT-tensorflow-2023-25672
2024-03-06 11:07:54
github
github
TensorFlow has Null Pointer Error in LookupTableImportV2
2023-03-24 21:54:55
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
37.9%
Related for OSV:CVE-2023-25672