2 matches found
asc (>=0.1.0 <=0.3.1), cde (>=0.1.0 <=0.2.0.1) +28 more potentially affected by CVE-2018-7577 via tensorflow (>=1.1.0 <=1.7.0)
tensorflow PYPI version =1.1.0, =0.1.0, =0.1.0, =0.0.2, =1.0.4, =0.6.4, =0.9.0rc5, =0.0.1, =1.1.0, =0.6.0.2, =0.0.0.dev1, =2.0.4, =2.0.6 and more Source cves: CVE-2018-7577 Source advisory: OSV:GHSA-QX2V-J445-G354...
CVE-2018-7577
CVE-2018-7577 affects the Snappy library (1.1.4) as used by Google TensorFlow prior to 1.7.1. The vulnerability stems from memcpy parameter overlap, which can cause a crash or allow reading from other parts of process memory. Exploitation details are not provided in the documents. Practical impac...