tensorlfow is vulnerable to arbitrary code execution. The SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor, allowing an attacker to execute arbitrary code on the host OS by causing a shape mismatch that can result in accesses outside of the bounds of heap allocated buffers.