tensorflow is vulnerable to denial of service. The vulnerability exists in Compute
function in parameterized_truncated_normal_op.cc
because ParameterizedTruncatedNormal
assumes shape is of type int32 only which allows an attacker to send shapes of mismatched types causing an application crash.
github.com/tensorflow/tensorflow/commit/54c01739253a08ec340e6774bec5d306698501ff
github.com/tensorflow/tensorflow/commit/72180be03447a10810edca700cbc9af690dfeb51
github.com/tensorflow/tensorflow/commit/ced10635088359538d9fa71a4da6c79ddf96b7a9
github.com/tensorflow/tensorflow/commit/da380c7d3281808c9076c7ca6e917b50feba99cb
github.com/tensorflow/tensorflow/pull/57281
github.com/tensorflow/tensorflow/pull/57282
github.com/tensorflow/tensorflow/pull/57283
github.com/tensorflow/tensorflow/security/advisories/GHSA-p2xf-8hgm-hpw5