4 matches found
a2grunnerp (>=0.1.0 <=0.1.8), da4rdm-recsys-contentbased (>=1.0.1 <=1.0.3) potentially affected by CVE-2023-27506 via tensorflow-intel (>=2.10.0 <=2.11.0)
tensorflow-intel PYPI version =2.10.0, =0.1.0, =1.0.1, =1.0.3 Source cves: CVE-2023-27506 Source advisory: OSV:GHSA-M2F8-V8Q4-3M59...
ss-scrapping (>=0.1.0 <=0.2.0) potentially affected by CVE-2023-27506 via intel-tensorflow (=0.0.1)
intel-tensorflow PYPI version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on intel-tensorflow and may be impacted: - ss-scrapping =0.1.0, =0.2.0 Source cves: CVE-2023-27506 Source advisory: OSV:GHSA-M2F8-V8Q4-3M59...
CVE-2023-27506
CVE-2023-27506 affects Intel® Optimization for TensorFlow prior to 2.12. The issue arises from improper buffer restrictions, enabling a locally authenticated attacker to potentially escalate privileges on the system. Intel and multiple advisories reference the same vulnerability, with the primary...
Intel® Optimization for TensorFlow Software Advisory
Summary: A potential security vulnerability in the Intel® Optimization for TensorFlow software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-27506 Description: Improper buffer restrictions in...