4 matches found
CVE-2020-15199
In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data...
a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +99 more potentially affected by CVE-2020-15199 via tensorflow-cpu (>=1.15.0 <=2.2.3)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.0.1, =0.3.3 and more Source cves: CVE-2020-15199 Source advisory: OSV:PYSEC-2020-279...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4742 more potentially affected by CVE-2020-15199 via tensorflow (>=1.0.1 <=2.3.0)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =0.0.1, =0.2.0, =0.6.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2020-15199 Source advisory: OSV:PYSEC-2020-122...
CVE-2020-15199
Summary: TensorFlow prior to 2.3.1 contains a bug in RaggedCountSparseOutput where input ragged tensors are not validated for proper splits; an empty or single-element splits can trigger a SIGABRT due to an initialization bound. Root cause: lack of validation in RaggedCountSparseOutput when formi...