Lucene search
GoogleOSV:PYSEC-2021-254HistoryMay 14, 2021 - 8:15 p.m.
PYSEC-2021-254
2021-05-1420:15:00
Google
osv.dev
6
0.001 Low
EPSS
Percentile
36.8%
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via CHECK-fail in tf.strings.substr with invalid arguments. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tensorflow | eq | 1.10.0 | |
| tensorflow | eq | 1.6.0 | |
| tensorflow | eq | 1.12.0 | |
| tensorflow | eq | 1.13.0rc0 | |
| tensorflow | eq | 1.7.0rc0 | |
| tensorflow | eq | 1.9.0 | |
| tensorflow | eq | 1.2.0rc0 | |
| tensorflow | eq | 2.4.2 | |
| tensorflow | eq | 2.0.1 | |
| tensorflow | eq | 1.4.0rc1 |
Related
osv
osv
BIT-tensorflow-2021-29617
2024-03-06 11:17:58
PYSEC-2021-545
2021-05-14 20:15:00
PYSEC-2021-743
2021-05-14 20:15:00
github
github
Crash in `tf.strings.substr` due to `CHECK`-fail
2021-05-21 14:28:50
nvd
nvd
CVE-2021-29617
2021-05-14 20:15:16
cve
cve
CVE-2021-29617
2021-05-14 20:15:16
prion
prion
Code injection
2021-05-14 20:15:00
cvelist
cvelist
CVE-2021-29617 Crash in `tf.strings.substr` due to `CHECK`-fail
2021-05-14 19:25:23
ibm
ibm