CVE-2026-2492 affecting package tensorflow for versions less than 2.16.1-11

CVE-2026-2492 affecting package tensorflow for versions less than 2.16.1-11. A patched version of the package is available...

AZL-52449 CVE-2024-9681 affecting package tensorflow for versions less than 2.16.1-7

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

AZL-38554 CVE-2023-28319 affecting package tensorflow for versions less than 2.16.1-1

A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw...