tensorflow is vulnerable to denial of service. The vulnerability exists in the Compute
function of bincount_op.cc
When the SparseBincountis given inputs for
indices,
values, and
dense_shape` parameters, allowing an attacker to cause an application crash through the segmentation fault.
github.com/tensorflow/tensorflow/commit/40adbe4dd15b582b0210dfbf40c243a62f5119fa
github.com/tensorflow/tensorflow/commit/80699b1c09888651da0a9a7f55456a73ef86e2fa
github.com/tensorflow/tensorflow/commit/ca3507945219b72bd92ef4b2a7d71f5cb32a1cb3
github.com/tensorflow/tensorflow/commit/f2490982282004dbe202cecb8148817e8149177a
github.com/tensorflow/tensorflow/pull/57429
github.com/tensorflow/tensorflow/pull/57431
github.com/tensorflow/tensorflow/pull/57432
github.com/tensorflow/tensorflow/security/advisories/GHSA-397c-5g2j-qxpv