tensorflow is vulnerable to denial of service. The vulnerability exists in Compute
function of batch_kernels.cc
because the function doesn’t handle nonscalar argument ids which allows an attacker to cause an application crash.
github.com/tensorflow/tensorflow/blob/769eddaf479c8debead9a59a72617d6ed6f0fe10/tensorflow/core/kernels/batch_kernels.cc#L891
github.com/tensorflow/tensorflow/commit/5f945fc6409a3c1e90d6970c9292f805f6e6ddf2
github.com/tensorflow/tensorflow/commit/95f789f0cbc2c7a04ff0774f0cf946d89e1682f9
github.com/tensorflow/tensorflow/commit/b1c0e172b293f19e6df8e669cccc4811bfe00125
github.com/tensorflow/tensorflow/commit/c122773d9c32bbe7902d95650159e90d5457bf54
github.com/tensorflow/tensorflow/pull/57244
github.com/tensorflow/tensorflow/pull/57245
github.com/tensorflow/tensorflow/pull/57246
github.com/tensorflow/tensorflow/security/advisories/GHSA-h5vq-gw2c-pq47