EPSS
Percentile
65.7%
tensorflow is vulnerable to format string attacks. The vulnerability exists as the fill argument of tf.strings.as_string reaches a printf call without sanitization.
fill
tf.strings.as_string
printf
lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html
github.com/tensorflow/tensorflow/commit/33be22c65d86256e6826666662e40dbdfe70ee83
github.com/tensorflow/tensorflow/releases/tag/v2.3.1
github.com/tensorflow/tensorflow/security/advisories/GHSA-xmq7-7fxm-rr79