Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/18361?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/18361?format=api", "purl": "pkg:pypi/tensorflow@2.3.0rc1", "type": "pypi", "namespace": "", "name": "tensorflow", "version": "2.3.0rc1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.4.4", "latest_non_vulnerable_version": "2.6.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35628?format=api", "vulnerability_id": "VCID-16bv-43x5-2yev", "summary": "In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the `splits` tensor generate a valid partitioning of the `values` tensor. Hence, the code is prone to heap buffer overflow. If `split_values` does not end with a value at least `num_values` then the `while` loop condition will trigger a read outside of the bounds of `split_values` once `batch_idx` grows too large. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.", "references": [ { "reference_url": "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02" }, { "reference_url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-p5f8-gfw5-33w4", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-p5f8-gfw5-33w4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18365?format=api", "purl": "pkg:pypi/tensorflow@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12ag-tat1-gka9" }, { "vulnerability": "VCID-16jz-8vkj-eud8" }, { "vulnerability": "VCID-16mm-ycqw-uqek" }, { "vulnerability": "VCID-18bk-11va-3bdt" }, { "vulnerability": "VCID-1966-8tnk-77gv" }, { "vulnerability": "VCID-196x-apq7-h7e7" }, { "vulnerability": "VCID-19ka-ye78-gkak" }, { "vulnerability": "VCID-1d58-76k6-gqhe" }, { "vulnerability": "VCID-1evq-xf8d-tbaj" }, { "vulnerability": "VCID-1sqz-62wf-nbd5" }, { "vulnerability": "VCID-21ec-1t3c-uffr" }, { "vulnerability": "VCID-2264-dhde-xkd2" }, { "vulnerability": "VCID-26ws-81w3-q7cz" }, { "vulnerability": "VCID-2k1k-p7zh-guew" }, { "vulnerability": "VCID-2pkc-gdjx-7bcf" }, { "vulnerability": "VCID-2qgn-e3gc-sffu" }, { "vulnerability": "VCID-2wfc-evgs-8qgy" }, { "vulnerability": "VCID-3643-715j-8qfb" }, { "vulnerability": "VCID-3d16-2aaa-vfdx" }, { "vulnerability": "VCID-3e9u-gag2-e3bn" }, { "vulnerability": "VCID-3jda-g49u-cydb" }, { "vulnerability": "VCID-4de1-psyn-7kej" }, { "vulnerability": "VCID-4fh9-ct4y-q7bh" }, { "vulnerability": "VCID-4ry9-3mje-w7db" }, { "vulnerability": "VCID-4ufg-8qpz-vkfh" }, { "vulnerability": "VCID-4ujh-25ns-ryge" }, { "vulnerability": "VCID-5781-vzmv-rkg4" }, { "vulnerability": "VCID-58yc-xxq9-b3cj" }, { "vulnerability": "VCID-59ck-jg98-hufk" }, { "vulnerability": "VCID-5j3t-baqf-dbhs" }, { "vulnerability": "VCID-5ke1-vz5z-qubj" }, { "vulnerability": "VCID-5m82-fmvp-4qd1" }, { "vulnerability": "VCID-5xmw-6dmh-myfd" }, { "vulnerability": "VCID-67ks-3hd1-8fff" }, { "vulnerability": "VCID-68ym-s45d-8bhk" }, { "vulnerability": "VCID-6j49-ccph-uqht" }, { "vulnerability": "VCID-6nby-ppgb-e3f7" }, { "vulnerability": "VCID-6nwu-16c4-zub4" }, { "vulnerability": "VCID-6wh3-uhcu-jqef" }, { "vulnerability": "VCID-6yd6-npyx-93cx" }, { "vulnerability": "VCID-72kc-wrzg-1fem" }, { "vulnerability": "VCID-73f5-1wu8-hyad" }, { "vulnerability": "VCID-77ap-cbge-vfam" }, { "vulnerability": "VCID-799s-fus4-nygx" }, { "vulnerability": "VCID-7avd-xuag-ybbv" }, { "vulnerability": "VCID-7gat-e8qw-e7hd" }, { "vulnerability": "VCID-7jh5-5t2v-tfey" }, { "vulnerability": "VCID-7mym-t3x9-1kba" }, { "vulnerability": "VCID-7uz4-aqf7-7kd6" }, { "vulnerability": "VCID-85jp-mtkt-6kb1" }, { "vulnerability": "VCID-88wb-nvj1-hff7" }, { "vulnerability": "VCID-8bz4-tb8u-ckdy" }, { "vulnerability": "VCID-8m8a-1xtu-6qe1" }, { "vulnerability": "VCID-8ura-ud9s-tubb" }, { "vulnerability": "VCID-8vds-6bfq-57gn" }, { "vulnerability": "VCID-8zuz-d9cs-kudv" }, { "vulnerability": "VCID-9923-nuxh-eked" }, { "vulnerability": "VCID-9arq-1tkc-9ygx" }, { "vulnerability": "VCID-9m2f-4p8m-yudc" }, { "vulnerability": "VCID-9ngh-ejcp-5uam" }, { "vulnerability": "VCID-9z61-fqek-cyfd" }, { "vulnerability": "VCID-a1qw-qqgu-yba7" }, { "vulnerability": "VCID-agdq-htep-yqd8" }, { "vulnerability": "VCID-at48-mrdj-a3en" }, { "vulnerability": "VCID-au3q-9qpz-pkgy" }, { "vulnerability": "VCID-awrv-vnbj-3kg6" }, { "vulnerability": "VCID-b23t-3kmy-ubea" }, { "vulnerability": "VCID-bgt5-979r-auc5" }, { "vulnerability": "VCID-bh5b-u3zt-puf9" }, { "vulnerability": "VCID-bnhj-ujmq-mqad" }, { "vulnerability": "VCID-bpf4-92yf-mbc3" }, { "vulnerability": "VCID-bqz5-ccx5-v3ga" }, { "vulnerability": "VCID-bvkn-s2tz-2fdz" }, { "vulnerability": "VCID-c3wv-ty85-nqhc" }, { "vulnerability": "VCID-c58x-wt2g-r7h4" }, { "vulnerability": "VCID-c9xx-2q93-tuau" }, { "vulnerability": "VCID-c9y5-6qrm-eud4" }, { "vulnerability": "VCID-cbgv-kvzc-gffm" }, { "vulnerability": "VCID-cejb-v628-1ffm" }, { "vulnerability": "VCID-cqub-cr1u-hfgq" }, { "vulnerability": "VCID-cswq-zynn-h7ct" }, { "vulnerability": "VCID-cw38-rqj2-wqdz" }, { "vulnerability": "VCID-cwdj-z1sm-9yhg" }, { "vulnerability": "VCID-dc34-decx-k3hh" }, { "vulnerability": "VCID-dcp4-adwb-efd7" }, { "vulnerability": "VCID-ddza-zrpb-s7bp" }, { "vulnerability": "VCID-dkd3-m81p-afga" }, { "vulnerability": "VCID-dkne-cc8g-qqfb" }, { "vulnerability": "VCID-dzps-vajm-zyc7" }, { "vulnerability": "VCID-ebhp-jwrs-97en" }, { "vulnerability": "VCID-ek6s-f4ee-pqdb" }, { "vulnerability": "VCID-ek9g-fqpc-s7a5" }, { "vulnerability": "VCID-ep2z-xrdv-tyhh" }, { "vulnerability": "VCID-ewrz-th6a-augc" }, { "vulnerability": "VCID-f1y6-1m5y-nyeb" }, { "vulnerability": "VCID-f8h7-zfxn-wbaj" }, { "vulnerability": "VCID-ff6q-r2px-skfx" }, { "vulnerability": "VCID-ffnh-y8v7-9yg7" }, { "vulnerability": "VCID-fs5e-w6u9-t3e3" }, { "vulnerability": "VCID-fsvt-37wk-3ban" }, { "vulnerability": "VCID-g3af-vhsj-sfbq" }, { "vulnerability": "VCID-gfss-uup9-vbcg" }, { "vulnerability": "VCID-gkfg-96vh-4yfh" }, { "vulnerability": "VCID-gtvx-jmfk-m3as" }, { "vulnerability": "VCID-h4v7-a4q6-vkbk" }, { "vulnerability": "VCID-h638-b3zk-wqfa" }, { "vulnerability": "VCID-hfdu-27kr-sydk" }, { "vulnerability": "VCID-hfpv-3wqv-efcc" }, { "vulnerability": "VCID-hjh6-h2qm-qqf1" }, { "vulnerability": "VCID-hqmg-s8md-nfdg" }, { "vulnerability": "VCID-hxcf-s6zm-vkf4" }, { "vulnerability": "VCID-hyby-xv7h-dfhv" }, { "vulnerability": "VCID-j5dh-pqjc-6khb" }, { "vulnerability": "VCID-jcsd-39zt-mff3" }, { "vulnerability": "VCID-jhes-k3ad-eudj" }, { "vulnerability": "VCID-jhg2-36wx-3yak" }, { "vulnerability": "VCID-jw2t-x5rp-cuak" }, { "vulnerability": "VCID-jzyy-uhc2-mygp" }, { "vulnerability": "VCID-k2gy-5yy5-1bda" }, { "vulnerability": "VCID-k3c7-w97n-abgn" }, { "vulnerability": "VCID-k5j6-8e9q-ebfh" }, { "vulnerability": "VCID-k9e7-kmzx-wqbn" }, { "vulnerability": "VCID-kh95-uhfy-4bap" }, { "vulnerability": "VCID-kq2a-p2fu-n7gc" }, { "vulnerability": "VCID-ktkb-wn56-qfdk" }, { "vulnerability": "VCID-mgmu-rmp5-j3dg" }, { "vulnerability": "VCID-msu6-6ceu-sfhp" }, { "vulnerability": "VCID-mvd2-c7j6-j3af" }, { "vulnerability": "VCID-n48p-tmcx-nbgz" }, { "vulnerability": "VCID-ngd2-qzsa-ubdv" }, { "vulnerability": "VCID-nvfv-wvym-z3dd" }, { "vulnerability": "VCID-nvj2-7te9-b7d6" }, { "vulnerability": "VCID-nvng-rhqm-rydz" }, { "vulnerability": "VCID-p2z3-j6kf-p3dd" }, { "vulnerability": "VCID-p323-2gvz-y3h8" }, { "vulnerability": "VCID-p5t8-35k8-sqfa" }, { "vulnerability": "VCID-peue-bqmn-uqfg" }, { "vulnerability": "VCID-pgwz-utzn-hkh9" }, { "vulnerability": "VCID-ps14-2s8s-u3cr" }, { "vulnerability": "VCID-q2ga-y533-jqcj" }, { "vulnerability": "VCID-q35a-hgz8-nfdr" }, { "vulnerability": "VCID-q8c5-tvhr-z3dt" }, { "vulnerability": "VCID-q9ch-e5ap-3fgb" }, { "vulnerability": "VCID-qa1r-3bun-f7e1" }, { "vulnerability": "VCID-qe3m-tepe-sqbq" }, { "vulnerability": "VCID-qg3u-d5ad-wbhh" }, { "vulnerability": "VCID-qgzx-tdkx-5fb5" }, { "vulnerability": "VCID-qmh5-jqk8-4kb1" }, { "vulnerability": "VCID-qr4x-dcdm-ryff" }, { "vulnerability": "VCID-r184-6v15-tqgm" }, { "vulnerability": "VCID-r1ps-696b-eydq" }, { "vulnerability": "VCID-r39c-4e32-efef" }, { "vulnerability": "VCID-r97s-gcmq-57bz" }, { "vulnerability": "VCID-rvbe-fjhx-k3d8" }, { "vulnerability": "VCID-rwg3-mgdg-53gu" }, { "vulnerability": "VCID-rwm5-mh67-ffak" }, { "vulnerability": "VCID-rz6u-b53k-mugy" }, { "vulnerability": "VCID-rz6x-pgk3-pkhq" }, { "vulnerability": "VCID-s11w-7r7p-g3dt" }, { "vulnerability": "VCID-s14j-5by2-wkad" }, { "vulnerability": "VCID-s1sv-bbdn-dufy" }, { "vulnerability": "VCID-s9h2-34vm-uuee" }, { "vulnerability": "VCID-tdhn-4egx-zkfk" }, { "vulnerability": "VCID-tes7-qh2s-c3fc" }, { "vulnerability": "VCID-tf8j-fa4n-2qcy" }, { "vulnerability": "VCID-tsf8-btra-gugr" }, { "vulnerability": "VCID-tu1g-gp43-yyar" }, { "vulnerability": "VCID-ty1g-525f-jkan" }, { "vulnerability": "VCID-u5k6-91yj-hygz" }, { "vulnerability": "VCID-u91f-w6ux-zkgm" }, { "vulnerability": "VCID-ucn5-x3dt-27gy" }, { "vulnerability": "VCID-udg9-wgju-gfem" }, { "vulnerability": "VCID-uqae-1yv2-fuc2" }, { "vulnerability": "VCID-urvs-ucet-y7ba" }, { "vulnerability": "VCID-uunc-4x3a-ukf3" }, { "vulnerability": "VCID-uxua-8x9x-qqd8" }, { "vulnerability": "VCID-v4z1-cx3v-jffz" }, { "vulnerability": "VCID-v6yx-yd5n-1kfy" }, { "vulnerability": "VCID-v7xq-gfna-5kfw" }, { "vulnerability": "VCID-v95c-y9at-gqd6" }, { "vulnerability": "VCID-vdrh-8w5d-dffg" }, { "vulnerability": "VCID-vpu8-vm54-jqhy" }, { "vulnerability": "VCID-vsxn-sk73-dbg5" }, { "vulnerability": "VCID-vzpd-apmu-xbe4" }, { "vulnerability": "VCID-wd74-3jrn-tqag" }, { "vulnerability": "VCID-wdpc-4xjf-pqgh" }, { "vulnerability": "VCID-wskj-uyt9-akab" }, { "vulnerability": "VCID-x4pj-t6q1-m7ga" }, { "vulnerability": "VCID-xb6k-1cfd-ykb9" }, { "vulnerability": "VCID-xdz6-2ckp-a3dw" }, { "vulnerability": "VCID-xk5n-nxxm-j7fr" }, { "vulnerability": "VCID-xt2w-1h6g-2qe5" }, { "vulnerability": "VCID-xt64-z2u2-kkd6" }, { "vulnerability": "VCID-xvm3-prar-bqg3" }, { "vulnerability": "VCID-y5ak-4gg9-sqaj" }, { "vulnerability": "VCID-ykwa-vws8-3kfj" }, { "vulnerability": "VCID-ync7-cxk4-byfg" }, { "vulnerability": "VCID-yp3u-58s2-wuh6" }, { "vulnerability": "VCID-ypp9-9yup-33h6" }, { "vulnerability": "VCID-yq3m-mr4f-kfgw" }, { "vulnerability": "VCID-yy39-1a1s-sqe4" }, { "vulnerability": "VCID-z7f3-8vck-t7aj" }, { "vulnerability": "VCID-zcdc-4zmj-syct" }, { "vulnerability": "VCID-zmpk-rg58-t3g6" }, { "vulnerability": "VCID-zsqp-n2df-3fcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.3.1" } ], "aliases": [ "CVE-2020-15201", "GHSA-p5f8-gfw5-33w4", "PYSEC-2020-124", "PYSEC-2020-281", "PYSEC-2020-316" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-16bv-43x5-2yev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35659?format=api", "vulnerability_id": "VCID-1sqz-62wf-nbd5", "summary": "In Tensorflow before version 2.4.0, when the `boxes` argument of `tf.image.crop_and_resize` has a very large value, the CPU kernel implementation receives it as a C++ `nan` floating point value. Attempting to operate on this is undefined behavior which later produces a segmentation fault. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.", "references": [ { "reference_url": "https://github.com/tensorflow/tensorflow/issues/42129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/issues/42129" }, { "reference_url": "https://github.com/tensorflow/tensorflow/pull/42143/commits/3ade2efec2e90c6237de32a19680caaa3ebc2845", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/pull/42143/commits/3ade2efec2e90c6237de32a19680caaa3ebc2845" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xwhf-g6j5-j5gc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xwhf-g6j5-j5gc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18665?format=api", "purl": "pkg:pypi/tensorflow@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12ag-tat1-gka9" }, { "vulnerability": "VCID-16jz-8vkj-eud8" }, { "vulnerability": "VCID-16mm-ycqw-uqek" }, { "vulnerability": "VCID-18bk-11va-3bdt" }, { "vulnerability": "VCID-1966-8tnk-77gv" }, { "vulnerability": "VCID-196x-apq7-h7e7" }, { "vulnerability": "VCID-19ka-ye78-gkak" }, { "vulnerability": "VCID-1d58-76k6-gqhe" }, { "vulnerability": "VCID-1evq-xf8d-tbaj" }, { "vulnerability": "VCID-21ec-1t3c-uffr" }, { "vulnerability": "VCID-2264-dhde-xkd2" }, { "vulnerability": "VCID-2k1k-p7zh-guew" }, { "vulnerability": "VCID-2pkc-gdjx-7bcf" }, { "vulnerability": "VCID-2qgn-e3gc-sffu" }, { "vulnerability": "VCID-2wfc-evgs-8qgy" }, { "vulnerability": "VCID-3643-715j-8qfb" }, { "vulnerability": "VCID-3d16-2aaa-vfdx" }, { "vulnerability": "VCID-3e9u-gag2-e3bn" }, { "vulnerability": "VCID-3jda-g49u-cydb" }, { "vulnerability": "VCID-4de1-psyn-7kej" }, { "vulnerability": "VCID-4fh9-ct4y-q7bh" }, { "vulnerability": "VCID-4ry9-3mje-w7db" }, { "vulnerability": "VCID-4ufg-8qpz-vkfh" }, { "vulnerability": "VCID-4ujh-25ns-ryge" }, { "vulnerability": "VCID-5781-vzmv-rkg4" }, { "vulnerability": "VCID-58yc-xxq9-b3cj" }, { "vulnerability": "VCID-59ck-jg98-hufk" }, { "vulnerability": "VCID-5j3t-baqf-dbhs" }, { "vulnerability": "VCID-5ke1-vz5z-qubj" }, { "vulnerability": "VCID-5m82-fmvp-4qd1" }, { "vulnerability": "VCID-5xmw-6dmh-myfd" }, { "vulnerability": "VCID-67ks-3hd1-8fff" }, { "vulnerability": "VCID-68ym-s45d-8bhk" }, { "vulnerability": "VCID-6j49-ccph-uqht" }, { "vulnerability": "VCID-6nby-ppgb-e3f7" }, { "vulnerability": "VCID-6nwu-16c4-zub4" }, { "vulnerability": "VCID-6wh3-uhcu-jqef" }, { "vulnerability": "VCID-6yd6-npyx-93cx" }, { "vulnerability": "VCID-72kc-wrzg-1fem" }, { "vulnerability": "VCID-73f5-1wu8-hyad" }, { "vulnerability": "VCID-77ap-cbge-vfam" }, { "vulnerability": "VCID-799s-fus4-nygx" }, { "vulnerability": "VCID-7avd-xuag-ybbv" }, { "vulnerability": "VCID-7gat-e8qw-e7hd" }, { "vulnerability": "VCID-7jh5-5t2v-tfey" }, { "vulnerability": "VCID-7mym-t3x9-1kba" }, { "vulnerability": "VCID-7uz4-aqf7-7kd6" }, { "vulnerability": "VCID-85jp-mtkt-6kb1" }, { "vulnerability": "VCID-88wb-nvj1-hff7" }, { "vulnerability": "VCID-8bz4-tb8u-ckdy" }, { "vulnerability": "VCID-8m8a-1xtu-6qe1" }, { "vulnerability": "VCID-8ura-ud9s-tubb" }, { "vulnerability": "VCID-8vds-6bfq-57gn" }, { "vulnerability": "VCID-8zuz-d9cs-kudv" }, { "vulnerability": "VCID-9923-nuxh-eked" }, { "vulnerability": "VCID-9arq-1tkc-9ygx" }, { "vulnerability": "VCID-9m2f-4p8m-yudc" }, { "vulnerability": "VCID-9ngh-ejcp-5uam" }, { "vulnerability": "VCID-9z61-fqek-cyfd" }, { "vulnerability": "VCID-a1qw-qqgu-yba7" }, { "vulnerability": "VCID-agdq-htep-yqd8" }, { "vulnerability": "VCID-at48-mrdj-a3en" }, { "vulnerability": "VCID-au3q-9qpz-pkgy" }, { "vulnerability": "VCID-awrv-vnbj-3kg6" }, { "vulnerability": "VCID-b23t-3kmy-ubea" }, { "vulnerability": "VCID-bgt5-979r-auc5" }, { "vulnerability": "VCID-bh5b-u3zt-puf9" }, { "vulnerability": "VCID-bnhj-ujmq-mqad" }, { "vulnerability": "VCID-bqz5-ccx5-v3ga" }, { "vulnerability": "VCID-bvkn-s2tz-2fdz" }, { "vulnerability": "VCID-c3wv-ty85-nqhc" }, { "vulnerability": "VCID-c58x-wt2g-r7h4" }, { "vulnerability": "VCID-c9xx-2q93-tuau" }, { "vulnerability": "VCID-c9y5-6qrm-eud4" }, { "vulnerability": "VCID-cbgv-kvzc-gffm" }, { "vulnerability": "VCID-cejb-v628-1ffm" }, { "vulnerability": "VCID-cqub-cr1u-hfgq" }, { "vulnerability": "VCID-cswq-zynn-h7ct" }, { "vulnerability": "VCID-cw38-rqj2-wqdz" }, { "vulnerability": "VCID-cwdj-z1sm-9yhg" }, { "vulnerability": "VCID-dc34-decx-k3hh" }, { "vulnerability": "VCID-dcp4-adwb-efd7" }, { "vulnerability": "VCID-dkd3-m81p-afga" }, { "vulnerability": "VCID-dkne-cc8g-qqfb" }, { "vulnerability": "VCID-dzps-vajm-zyc7" }, { "vulnerability": "VCID-ebhp-jwrs-97en" }, { "vulnerability": "VCID-ek6s-f4ee-pqdb" }, { "vulnerability": "VCID-ek9g-fqpc-s7a5" }, { "vulnerability": "VCID-ep2z-xrdv-tyhh" }, { "vulnerability": "VCID-ewrz-th6a-augc" }, { "vulnerability": "VCID-f1y6-1m5y-nyeb" }, { "vulnerability": "VCID-f8h7-zfxn-wbaj" }, { "vulnerability": "VCID-ff6q-r2px-skfx" }, { "vulnerability": "VCID-ffnh-y8v7-9yg7" }, { "vulnerability": "VCID-fs5e-w6u9-t3e3" }, { "vulnerability": "VCID-fsvt-37wk-3ban" }, { "vulnerability": "VCID-g3af-vhsj-sfbq" }, { "vulnerability": "VCID-gfss-uup9-vbcg" }, { "vulnerability": "VCID-gkfg-96vh-4yfh" }, { "vulnerability": "VCID-gtvx-jmfk-m3as" }, { "vulnerability": "VCID-h4v7-a4q6-vkbk" }, { "vulnerability": "VCID-h638-b3zk-wqfa" }, { "vulnerability": "VCID-hfdu-27kr-sydk" }, { "vulnerability": "VCID-hfpv-3wqv-efcc" }, { "vulnerability": "VCID-hjh6-h2qm-qqf1" }, { "vulnerability": "VCID-hqmg-s8md-nfdg" }, { "vulnerability": "VCID-hxcf-s6zm-vkf4" }, { "vulnerability": "VCID-hyby-xv7h-dfhv" }, { "vulnerability": "VCID-j5dh-pqjc-6khb" }, { "vulnerability": "VCID-jcsd-39zt-mff3" }, { "vulnerability": "VCID-jhes-k3ad-eudj" }, { "vulnerability": "VCID-jhg2-36wx-3yak" }, { "vulnerability": "VCID-jw2t-x5rp-cuak" }, { "vulnerability": "VCID-jzyy-uhc2-mygp" }, { "vulnerability": "VCID-k2gy-5yy5-1bda" }, { "vulnerability": "VCID-k3c7-w97n-abgn" }, { "vulnerability": "VCID-k5j6-8e9q-ebfh" }, { "vulnerability": "VCID-k9e7-kmzx-wqbn" }, { "vulnerability": "VCID-kh95-uhfy-4bap" }, { "vulnerability": "VCID-kq2a-p2fu-n7gc" }, { "vulnerability": "VCID-ktkb-wn56-qfdk" }, { "vulnerability": "VCID-mgmu-rmp5-j3dg" }, { "vulnerability": "VCID-msu6-6ceu-sfhp" }, { "vulnerability": "VCID-mvd2-c7j6-j3af" }, { "vulnerability": "VCID-n48p-tmcx-nbgz" }, { "vulnerability": "VCID-ngd2-qzsa-ubdv" }, { "vulnerability": "VCID-nvfv-wvym-z3dd" }, { "vulnerability": "VCID-nvj2-7te9-b7d6" }, { "vulnerability": "VCID-nvng-rhqm-rydz" }, { "vulnerability": "VCID-p2z3-j6kf-p3dd" }, { "vulnerability": "VCID-p323-2gvz-y3h8" }, { "vulnerability": "VCID-p5t8-35k8-sqfa" }, { "vulnerability": "VCID-peue-bqmn-uqfg" }, { "vulnerability": "VCID-pgwz-utzn-hkh9" }, { "vulnerability": "VCID-ps14-2s8s-u3cr" }, { "vulnerability": "VCID-q2ga-y533-jqcj" }, { "vulnerability": "VCID-q35a-hgz8-nfdr" }, { "vulnerability": "VCID-q8c5-tvhr-z3dt" }, { "vulnerability": "VCID-q9ch-e5ap-3fgb" }, { "vulnerability": "VCID-qa1r-3bun-f7e1" }, { "vulnerability": "VCID-qe3m-tepe-sqbq" }, { "vulnerability": "VCID-qg3u-d5ad-wbhh" }, { "vulnerability": "VCID-qgzx-tdkx-5fb5" }, { "vulnerability": "VCID-qmh5-jqk8-4kb1" }, { "vulnerability": "VCID-qr4x-dcdm-ryff" }, { "vulnerability": "VCID-r184-6v15-tqgm" }, { "vulnerability": "VCID-r1ps-696b-eydq" }, { "vulnerability": "VCID-r39c-4e32-efef" }, { "vulnerability": "VCID-r97s-gcmq-57bz" }, { "vulnerability": "VCID-rvbe-fjhx-k3d8" }, { "vulnerability": "VCID-rwg3-mgdg-53gu" }, { "vulnerability": "VCID-rwm5-mh67-ffak" }, { "vulnerability": "VCID-rz6u-b53k-mugy" }, { "vulnerability": "VCID-rz6x-pgk3-pkhq" }, { "vulnerability": "VCID-s14j-5by2-wkad" }, { "vulnerability": "VCID-s1sv-bbdn-dufy" }, { "vulnerability": "VCID-s9h2-34vm-uuee" }, { "vulnerability": "VCID-tdhn-4egx-zkfk" }, { "vulnerability": "VCID-tes7-qh2s-c3fc" }, { "vulnerability": "VCID-tf8j-fa4n-2qcy" }, { "vulnerability": "VCID-tsf8-btra-gugr" }, { "vulnerability": "VCID-ty1g-525f-jkan" }, { "vulnerability": "VCID-u5k6-91yj-hygz" }, { "vulnerability": "VCID-u91f-w6ux-zkgm" }, { "vulnerability": "VCID-ucn5-x3dt-27gy" }, { "vulnerability": "VCID-udg9-wgju-gfem" }, { "vulnerability": "VCID-uqae-1yv2-fuc2" }, { "vulnerability": "VCID-urvs-ucet-y7ba" }, { "vulnerability": "VCID-uunc-4x3a-ukf3" }, { "vulnerability": "VCID-uxua-8x9x-qqd8" }, { "vulnerability": "VCID-v6yx-yd5n-1kfy" }, { "vulnerability": "VCID-v7xq-gfna-5kfw" }, { "vulnerability": "VCID-v95c-y9at-gqd6" }, { "vulnerability": "VCID-vdrh-8w5d-dffg" }, { "vulnerability": "VCID-vpu8-vm54-jqhy" }, { "vulnerability": "VCID-vsxn-sk73-dbg5" }, { "vulnerability": "VCID-vzpd-apmu-xbe4" }, { "vulnerability": "VCID-wd74-3jrn-tqag" }, { "vulnerability": "VCID-wdpc-4xjf-pqgh" }, { "vulnerability": "VCID-wskj-uyt9-akab" }, { "vulnerability": "VCID-x4pj-t6q1-m7ga" }, { "vulnerability": "VCID-xb6k-1cfd-ykb9" }, { "vulnerability": "VCID-xdz6-2ckp-a3dw" }, { "vulnerability": "VCID-xk5n-nxxm-j7fr" }, { "vulnerability": "VCID-xt2w-1h6g-2qe5" }, { "vulnerability": "VCID-xt64-z2u2-kkd6" }, { "vulnerability": "VCID-xvm3-prar-bqg3" }, { "vulnerability": "VCID-y5ak-4gg9-sqaj" }, { "vulnerability": "VCID-ykwa-vws8-3kfj" }, { "vulnerability": "VCID-ync7-cxk4-byfg" }, { "vulnerability": "VCID-yp3u-58s2-wuh6" }, { "vulnerability": "VCID-ypp9-9yup-33h6" }, { "vulnerability": "VCID-yq3m-mr4f-kfgw" }, { "vulnerability": "VCID-yy39-1a1s-sqe4" }, { "vulnerability": "VCID-z7f3-8vck-t7aj" }, { "vulnerability": "VCID-zcdc-4zmj-syct" }, { "vulnerability": "VCID-zmpk-rg58-t3g6" }, { "vulnerability": "VCID-zsqp-n2df-3fcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.0" } ], "aliases": [ "CVE-2020-15266", "GHSA-xwhf-g6j5-j5gc", "PYSEC-2020-139", "PYSEC-2020-296", "PYSEC-2020-331" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1sqz-62wf-nbd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35624?format=api", "vulnerability_id": "VCID-22fx-g11c-hyg7", "summary": "In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to `dlpack.to_dlpack` the expected validations will cause variables to bind to `nullptr` while setting a `status` variable to the error condition. However, this `status` argument is not properly checked. Hence, code following these methods will bind references to null pointers. This is undefined behavior and reported as an error if compiling with `-fsanitize=null`. The issue is patched in commit 22e07fb204386768e5bcbea563641ea11f96ceb8 and is released in TensorFlow versions 2.2.1, or 2.3.1.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/22e07fb204386768e5bcbea563641ea11f96ceb8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/22e07fb204386768e5bcbea563641ea11f96ceb8" }, { "reference_url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q8qj-fc9q-cphr", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q8qj-fc9q-cphr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18365?format=api", "purl": "pkg:pypi/tensorflow@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12ag-tat1-gka9" }, { "vulnerability": "VCID-16jz-8vkj-eud8" }, { "vulnerability": "VCID-16mm-ycqw-uqek" }, { "vulnerability": "VCID-18bk-11va-3bdt" }, { "vulnerability": "VCID-1966-8tnk-77gv" }, { "vulnerability": "VCID-196x-apq7-h7e7" }, { "vulnerability": "VCID-19ka-ye78-gkak" }, { "vulnerability": "VCID-1d58-76k6-gqhe" }, { "vulnerability": "VCID-1evq-xf8d-tbaj" }, { "vulnerability": "VCID-1sqz-62wf-nbd5" }, { "vulnerability": "VCID-21ec-1t3c-uffr" }, { "vulnerability": "VCID-2264-dhde-xkd2" }, { "vulnerability": "VCID-26ws-81w3-q7cz" }, { "vulnerability": "VCID-2k1k-p7zh-guew" }, { "vulnerability": "VCID-2pkc-gdjx-7bcf" }, { "vulnerability": "VCID-2qgn-e3gc-sffu" }, { "vulnerability": "VCID-2wfc-evgs-8qgy" }, { "vulnerability": "VCID-3643-715j-8qfb" }, { "vulnerability": "VCID-3d16-2aaa-vfdx" }, { "vulnerability": "VCID-3e9u-gag2-e3bn" }, { "vulnerability": "VCID-3jda-g49u-cydb" }, { "vulnerability": "VCID-4de1-psyn-7kej" }, { "vulnerability": "VCID-4fh9-ct4y-q7bh" }, { "vulnerability": "VCID-4ry9-3mje-w7db" }, { "vulnerability": "VCID-4ufg-8qpz-vkfh" }, { "vulnerability": "VCID-4ujh-25ns-ryge" }, { "vulnerability": "VCID-5781-vzmv-rkg4" }, { "vulnerability": "VCID-58yc-xxq9-b3cj" }, { "vulnerability": "VCID-59ck-jg98-hufk" }, { "vulnerability": "VCID-5j3t-baqf-dbhs" }, { "vulnerability": "VCID-5ke1-vz5z-qubj" }, { "vulnerability": "VCID-5m82-fmvp-4qd1" }, { "vulnerability": "VCID-5xmw-6dmh-myfd" }, { "vulnerability": "VCID-67ks-3hd1-8fff" }, { "vulnerability": "VCID-68ym-s45d-8bhk" }, { "vulnerability": "VCID-6j49-ccph-uqht" }, { "vulnerability": "VCID-6nby-ppgb-e3f7" }, { "vulnerability": "VCID-6nwu-16c4-zub4" }, { "vulnerability": "VCID-6wh3-uhcu-jqef" }, { "vulnerability": "VCID-6yd6-npyx-93cx" }, { "vulnerability": "VCID-72kc-wrzg-1fem" }, { "vulnerability": "VCID-73f5-1wu8-hyad" }, { "vulnerability": "VCID-77ap-cbge-vfam" }, { "vulnerability": "VCID-799s-fus4-nygx" }, { "vulnerability": "VCID-7avd-xuag-ybbv" }, { "vulnerability": "VCID-7gat-e8qw-e7hd" }, { "vulnerability": "VCID-7jh5-5t2v-tfey" }, { "vulnerability": "VCID-7mym-t3x9-1kba" }, { "vulnerability": "VCID-7uz4-aqf7-7kd6" }, { "vulnerability": "VCID-85jp-mtkt-6kb1" }, { "vulnerability": "VCID-88wb-nvj1-hff7" }, { "vulnerability": "VCID-8bz4-tb8u-ckdy" }, { "vulnerability": "VCID-8m8a-1xtu-6qe1" }, { "vulnerability": "VCID-8ura-ud9s-tubb" }, { "vulnerability": "VCID-8vds-6bfq-57gn" }, { "vulnerability": "VCID-8zuz-d9cs-kudv" }, { "vulnerability": "VCID-9923-nuxh-eked" }, { "vulnerability": "VCID-9arq-1tkc-9ygx" }, { "vulnerability": "VCID-9m2f-4p8m-yudc" }, { "vulnerability": "VCID-9ngh-ejcp-5uam" }, { "vulnerability": "VCID-9z61-fqek-cyfd" }, { "vulnerability": "VCID-a1qw-qqgu-yba7" }, { "vulnerability": "VCID-agdq-htep-yqd8" }, { "vulnerability": "VCID-at48-mrdj-a3en" }, { "vulnerability": "VCID-au3q-9qpz-pkgy" }, { "vulnerability": "VCID-awrv-vnbj-3kg6" }, { "vulnerability": "VCID-b23t-3kmy-ubea" }, { "vulnerability": "VCID-bgt5-979r-auc5" }, { "vulnerability": "VCID-bh5b-u3zt-puf9" }, { "vulnerability": "VCID-bnhj-ujmq-mqad" }, { "vulnerability": "VCID-bpf4-92yf-mbc3" }, { "vulnerability": "VCID-bqz5-ccx5-v3ga" }, { "vulnerability": "VCID-bvkn-s2tz-2fdz" }, { "vulnerability": "VCID-c3wv-ty85-nqhc" }, { "vulnerability": "VCID-c58x-wt2g-r7h4" }, { "vulnerability": "VCID-c9xx-2q93-tuau" }, { "vulnerability": "VCID-c9y5-6qrm-eud4" }, { "vulnerability": "VCID-cbgv-kvzc-gffm" }, { "vulnerability": "VCID-cejb-v628-1ffm" }, { "vulnerability": "VCID-cqub-cr1u-hfgq" }, { "vulnerability": "VCID-cswq-zynn-h7ct" }, { "vulnerability": "VCID-cw38-rqj2-wqdz" }, { "vulnerability": "VCID-cwdj-z1sm-9yhg" }, { "vulnerability": "VCID-dc34-decx-k3hh" }, { "vulnerability": "VCID-dcp4-adwb-efd7" }, { "vulnerability": "VCID-ddza-zrpb-s7bp" }, { "vulnerability": "VCID-dkd3-m81p-afga" }, { "vulnerability": "VCID-dkne-cc8g-qqfb" }, { "vulnerability": "VCID-dzps-vajm-zyc7" }, { "vulnerability": "VCID-ebhp-jwrs-97en" }, { "vulnerability": "VCID-ek6s-f4ee-pqdb" }, { "vulnerability": "VCID-ek9g-fqpc-s7a5" }, { "vulnerability": "VCID-ep2z-xrdv-tyhh" }, { "vulnerability": "VCID-ewrz-th6a-augc" }, { "vulnerability": "VCID-f1y6-1m5y-nyeb" }, { "vulnerability": "VCID-f8h7-zfxn-wbaj" }, { "vulnerability": "VCID-ff6q-r2px-skfx" }, { "vulnerability": "VCID-ffnh-y8v7-9yg7" }, { "vulnerability": "VCID-fs5e-w6u9-t3e3" }, { "vulnerability": "VCID-fsvt-37wk-3ban" }, { "vulnerability": "VCID-g3af-vhsj-sfbq" }, { "vulnerability": "VCID-gfss-uup9-vbcg" }, { "vulnerability": "VCID-gkfg-96vh-4yfh" }, { "vulnerability": "VCID-gtvx-jmfk-m3as" }, { "vulnerability": "VCID-h4v7-a4q6-vkbk" }, { "vulnerability": "VCID-h638-b3zk-wqfa" }, { "vulnerability": "VCID-hfdu-27kr-sydk" }, { "vulnerability": "VCID-hfpv-3wqv-efcc" }, { "vulnerability": "VCID-hjh6-h2qm-qqf1" }, { "vulnerability": "VCID-hqmg-s8md-nfdg" }, { "vulnerability": "VCID-hxcf-s6zm-vkf4" }, { "vulnerability": "VCID-hyby-xv7h-dfhv" }, { "vulnerability": "VCID-j5dh-pqjc-6khb" }, { "vulnerability": "VCID-jcsd-39zt-mff3" }, { "vulnerability": "VCID-jhes-k3ad-eudj" }, { "vulnerability": "VCID-jhg2-36wx-3yak" }, { "vulnerability": "VCID-jw2t-x5rp-cuak" }, { "vulnerability": "VCID-jzyy-uhc2-mygp" }, { "vulnerability": "VCID-k2gy-5yy5-1bda" }, { "vulnerability": "VCID-k3c7-w97n-abgn" }, { "vulnerability": "VCID-k5j6-8e9q-ebfh" }, { "vulnerability": "VCID-k9e7-kmzx-wqbn" }, { "vulnerability": "VCID-kh95-uhfy-4bap" }, { "vulnerability": "VCID-kq2a-p2fu-n7gc" }, { "vulnerability": "VCID-ktkb-wn56-qfdk" }, { "vulnerability": "VCID-mgmu-rmp5-j3dg" }, { "vulnerability": "VCID-msu6-6ceu-sfhp" }, { "vulnerability": "VCID-mvd2-c7j6-j3af" }, { "vulnerability": "VCID-n48p-tmcx-nbgz" }, { "vulnerability": "VCID-ngd2-qzsa-ubdv" }, { "vulnerability": "VCID-nvfv-wvym-z3dd" }, { "vulnerability": "VCID-nvj2-7te9-b7d6" }, { "vulnerability": "VCID-nvng-rhqm-rydz" }, { "vulnerability": "VCID-p2z3-j6kf-p3dd" }, { "vulnerability": "VCID-p323-2gvz-y3h8" }, { "vulnerability": "VCID-p5t8-35k8-sqfa" }, { "vulnerability": "VCID-peue-bqmn-uqfg" }, { "vulnerability": "VCID-pgwz-utzn-hkh9" }, { "vulnerability": "VCID-ps14-2s8s-u3cr" }, { "vulnerability": "VCID-q2ga-y533-jqcj" }, { "vulnerability": "VCID-q35a-hgz8-nfdr" }, { "vulnerability": "VCID-q8c5-tvhr-z3dt" }, { "vulnerability": "VCID-q9ch-e5ap-3fgb" }, { "vulnerability": "VCID-qa1r-3bun-f7e1" }, { "vulnerability": "VCID-qe3m-tepe-sqbq" }, { "vulnerability": "VCID-qg3u-d5ad-wbhh" }, { "vulnerability": "VCID-qgzx-tdkx-5fb5" }, { "vulnerability": "VCID-qmh5-jqk8-4kb1" }, { "vulnerability": "VCID-qr4x-dcdm-ryff" }, { "vulnerability": "VCID-r184-6v15-tqgm" }, { "vulnerability": "VCID-r1ps-696b-eydq" }, { "vulnerability": "VCID-r39c-4e32-efef" }, { "vulnerability": "VCID-r97s-gcmq-57bz" }, { "vulnerability": "VCID-rvbe-fjhx-k3d8" }, { "vulnerability": "VCID-rwg3-mgdg-53gu" }, { "vulnerability": "VCID-rwm5-mh67-ffak" }, { "vulnerability": "VCID-rz6u-b53k-mugy" }, { "vulnerability": "VCID-rz6x-pgk3-pkhq" }, { "vulnerability": "VCID-s11w-7r7p-g3dt" }, { "vulnerability": "VCID-s14j-5by2-wkad" }, { "vulnerability": "VCID-s1sv-bbdn-dufy" }, { "vulnerability": "VCID-s9h2-34vm-uuee" }, { "vulnerability": "VCID-tdhn-4egx-zkfk" }, { "vulnerability": "VCID-tes7-qh2s-c3fc" }, { "vulnerability": "VCID-tf8j-fa4n-2qcy" }, { "vulnerability": "VCID-tsf8-btra-gugr" }, { "vulnerability": "VCID-tu1g-gp43-yyar" }, { "vulnerability": "VCID-ty1g-525f-jkan" }, { "vulnerability": "VCID-u5k6-91yj-hygz" }, { "vulnerability": "VCID-u91f-w6ux-zkgm" }, { "vulnerability": "VCID-ucn5-x3dt-27gy" }, { "vulnerability": "VCID-udg9-wgju-gfem" }, { "vulnerability": "VCID-uqae-1yv2-fuc2" }, { "vulnerability": "VCID-urvs-ucet-y7ba" }, { "vulnerability": "VCID-uunc-4x3a-ukf3" }, { "vulnerability": "VCID-uxua-8x9x-qqd8" }, { "vulnerability": "VCID-v4z1-cx3v-jffz" }, { "vulnerability": "VCID-v6yx-yd5n-1kfy" }, { "vulnerability": "VCID-v7xq-gfna-5kfw" }, { "vulnerability": "VCID-v95c-y9at-gqd6" }, { "vulnerability": "VCID-vdrh-8w5d-dffg" }, { "vulnerability": "VCID-vpu8-vm54-jqhy" }, { "vulnerability": "VCID-vsxn-sk73-dbg5" }, { "vulnerability": "VCID-vzpd-apmu-xbe4" }, { "vulnerability": "VCID-wd74-3jrn-tqag" }, { "vulnerability": "VCID-wdpc-4xjf-pqgh" }, { "vulnerability": "VCID-wskj-uyt9-akab" }, { "vulnerability": "VCID-x4pj-t6q1-m7ga" }, { "vulnerability": "VCID-xb6k-1cfd-ykb9" }, { "vulnerability": "VCID-xdz6-2ckp-a3dw" }, { "vulnerability": "VCID-xk5n-nxxm-j7fr" }, { "vulnerability": "VCID-xt2w-1h6g-2qe5" }, { "vulnerability": "VCID-xt64-z2u2-kkd6" }, { "vulnerability": "VCID-xvm3-prar-bqg3" }, { "vulnerability": "VCID-y5ak-4gg9-sqaj" }, { "vulnerability": "VCID-ykwa-vws8-3kfj" }, { "vulnerability": "VCID-ync7-cxk4-byfg" }, { "vulnerability": "VCID-yp3u-58s2-wuh6" }, { "vulnerability": "VCID-ypp9-9yup-33h6" }, { "vulnerability": "VCID-yq3m-mr4f-kfgw" }, { "vulnerability": "VCID-yy39-1a1s-sqe4" }, { "vulnerability": "VCID-z7f3-8vck-t7aj" }, { "vulnerability": "VCID-zcdc-4zmj-syct" }, { "vulnerability": "VCID-zmpk-rg58-t3g6" }, { "vulnerability": "VCID-zsqp-n2df-3fcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.3.1" } ], "aliases": [ "CVE-2020-15191", "GHSA-q8qj-fc9q-cphr", "PYSEC-2020-114", "PYSEC-2020-271", "PYSEC-2020-306" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-22fx-g11c-hyg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35660?format=api", "vulnerability_id": "VCID-26ws-81w3-q7cz", "summary": "In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.", "references": [ { "reference_url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/42105", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/issues/42105" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18665?format=api", "purl": "pkg:pypi/tensorflow@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12ag-tat1-gka9" }, { "vulnerability": "VCID-16jz-8vkj-eud8" }, { "vulnerability": "VCID-16mm-ycqw-uqek" }, { "vulnerability": "VCID-18bk-11va-3bdt" }, { "vulnerability": "VCID-1966-8tnk-77gv" }, { "vulnerability": "VCID-196x-apq7-h7e7" }, { "vulnerability": "VCID-19ka-ye78-gkak" }, { "vulnerability": "VCID-1d58-76k6-gqhe" }, { "vulnerability": "VCID-1evq-xf8d-tbaj" }, { "vulnerability": "VCID-21ec-1t3c-uffr" }, { "vulnerability": "VCID-2264-dhde-xkd2" }, { "vulnerability": "VCID-2k1k-p7zh-guew" }, { "vulnerability": "VCID-2pkc-gdjx-7bcf" }, { "vulnerability": "VCID-2qgn-e3gc-sffu" }, { "vulnerability": "VCID-2wfc-evgs-8qgy" }, { "vulnerability": "VCID-3643-715j-8qfb" }, { "vulnerability": "VCID-3d16-2aaa-vfdx" }, { "vulnerability": "VCID-3e9u-gag2-e3bn" }, { "vulnerability": "VCID-3jda-g49u-cydb" }, { "vulnerability": "VCID-4de1-psyn-7kej" }, { "vulnerability": "VCID-4fh9-ct4y-q7bh" }, { "vulnerability": "VCID-4ry9-3mje-w7db" }, { "vulnerability": "VCID-4ufg-8qpz-vkfh" }, { "vulnerability": "VCID-4ujh-25ns-ryge" }, { "vulnerability": "VCID-5781-vzmv-rkg4" }, { "vulnerability": "VCID-58yc-xxq9-b3cj" }, { "vulnerability": "VCID-59ck-jg98-hufk" }, { "vulnerability": "VCID-5j3t-baqf-dbhs" }, { "vulnerability": "VCID-5ke1-vz5z-qubj" }, { "vulnerability": "VCID-5m82-fmvp-4qd1" }, { "vulnerability": "VCID-5xmw-6dmh-myfd" }, { "vulnerability": "VCID-67ks-3hd1-8fff" }, { "vulnerability": "VCID-68ym-s45d-8bhk" }, { "vulnerability": "VCID-6j49-ccph-uqht" }, { "vulnerability": "VCID-6nby-ppgb-e3f7" }, { "vulnerability": "VCID-6nwu-16c4-zub4" }, { "vulnerability": "VCID-6wh3-uhcu-jqef" }, { "vulnerability": "VCID-6yd6-npyx-93cx" }, { "vulnerability": "VCID-72kc-wrzg-1fem" }, { "vulnerability": "VCID-73f5-1wu8-hyad" }, { "vulnerability": "VCID-77ap-cbge-vfam" }, { "vulnerability": "VCID-799s-fus4-nygx" }, { "vulnerability": "VCID-7avd-xuag-ybbv" }, { "vulnerability": "VCID-7gat-e8qw-e7hd" }, { "vulnerability": "VCID-7jh5-5t2v-tfey" }, { "vulnerability": "VCID-7mym-t3x9-1kba" }, { "vulnerability": "VCID-7uz4-aqf7-7kd6" }, { "vulnerability": "VCID-85jp-mtkt-6kb1" }, { "vulnerability": "VCID-88wb-nvj1-hff7" }, { "vulnerability": "VCID-8bz4-tb8u-ckdy" }, { "vulnerability": "VCID-8m8a-1xtu-6qe1" }, { "vulnerability": "VCID-8ura-ud9s-tubb" }, { "vulnerability": "VCID-8vds-6bfq-57gn" }, { "vulnerability": "VCID-8zuz-d9cs-kudv" }, { "vulnerability": "VCID-9923-nuxh-eked" }, { "vulnerability": "VCID-9arq-1tkc-9ygx" }, { "vulnerability": "VCID-9m2f-4p8m-yudc" }, { "vulnerability": "VCID-9ngh-ejcp-5uam" }, { "vulnerability": "VCID-9z61-fqek-cyfd" }, { "vulnerability": "VCID-a1qw-qqgu-yba7" }, { "vulnerability": "VCID-agdq-htep-yqd8" }, { "vulnerability": "VCID-at48-mrdj-a3en" }, { "vulnerability": "VCID-au3q-9qpz-pkgy" }, { "vulnerability": "VCID-awrv-vnbj-3kg6" }, { "vulnerability": "VCID-b23t-3kmy-ubea" }, { "vulnerability": "VCID-bgt5-979r-auc5" }, { "vulnerability": "VCID-bh5b-u3zt-puf9" }, { "vulnerability": "VCID-bnhj-ujmq-mqad" }, { "vulnerability": "VCID-bqz5-ccx5-v3ga" }, { "vulnerability": "VCID-bvkn-s2tz-2fdz" }, { "vulnerability": "VCID-c3wv-ty85-nqhc" }, { "vulnerability": "VCID-c58x-wt2g-r7h4" }, { "vulnerability": "VCID-c9xx-2q93-tuau" }, { "vulnerability": "VCID-c9y5-6qrm-eud4" }, { "vulnerability": "VCID-cbgv-kvzc-gffm" }, { "vulnerability": "VCID-cejb-v628-1ffm" }, { "vulnerability": "VCID-cqub-cr1u-hfgq" }, { "vulnerability": "VCID-cswq-zynn-h7ct" }, { "vulnerability": "VCID-cw38-rqj2-wqdz" }, { "vulnerability": "VCID-cwdj-z1sm-9yhg" }, { "vulnerability": "VCID-dc34-decx-k3hh" }, { "vulnerability": "VCID-dcp4-adwb-efd7" }, { "vulnerability": "VCID-dkd3-m81p-afga" }, { "vulnerability": "VCID-dkne-cc8g-qqfb" }, { "vulnerability": "VCID-dzps-vajm-zyc7" }, { "vulnerability": "VCID-ebhp-jwrs-97en" }, { "vulnerability": "VCID-ek6s-f4ee-pqdb" }, { "vulnerability": "VCID-ek9g-fqpc-s7a5" }, { "vulnerability": "VCID-ep2z-xrdv-tyhh" }, { "vulnerability": "VCID-ewrz-th6a-augc" }, { "vulnerability": "VCID-f1y6-1m5y-nyeb" }, { "vulnerability": "VCID-f8h7-zfxn-wbaj" }, { "vulnerability": "VCID-ff6q-r2px-skfx" }, { "vulnerability": "VCID-ffnh-y8v7-9yg7" }, { "vulnerability": "VCID-fs5e-w6u9-t3e3" }, { "vulnerability": "VCID-fsvt-37wk-3ban" }, { "vulnerability": "VCID-g3af-vhsj-sfbq" }, { "vulnerability": "VCID-gfss-uup9-vbcg" }, { "vulnerability": "VCID-gkfg-96vh-4yfh" }, { "vulnerability": "VCID-gtvx-jmfk-m3as" }, { "vulnerability": "VCID-h4v7-a4q6-vkbk" }, { "vulnerability": "VCID-h638-b3zk-wqfa" }, { "vulnerability": "VCID-hfdu-27kr-sydk" }, { "vulnerability": "VCID-hfpv-3wqv-efcc" }, { "vulnerability": "VCID-hjh6-h2qm-qqf1" }, { "vulnerability": "VCID-hqmg-s8md-nfdg" }, { "vulnerability": "VCID-hxcf-s6zm-vkf4" }, { "vulnerability": "VCID-hyby-xv7h-dfhv" }, { "vulnerability": "VCID-j5dh-pqjc-6khb" }, { "vulnerability": "VCID-jcsd-39zt-mff3" }, { "vulnerability": "VCID-jhes-k3ad-eudj" }, { "vulnerability": "VCID-jhg2-36wx-3yak" }, { "vulnerability": "VCID-jw2t-x5rp-cuak" }, { "vulnerability": "VCID-jzyy-uhc2-mygp" }, { "vulnerability": "VCID-k2gy-5yy5-1bda" }, { "vulnerability": "VCID-k3c7-w97n-abgn" }, { "vulnerability": "VCID-k5j6-8e9q-ebfh" }, { "vulnerability": "VCID-k9e7-kmzx-wqbn" }, { "vulnerability": "VCID-kh95-uhfy-4bap" }, { "vulnerability": "VCID-kq2a-p2fu-n7gc" }, { "vulnerability": "VCID-ktkb-wn56-qfdk" }, { "vulnerability": "VCID-mgmu-rmp5-j3dg" }, { "vulnerability": "VCID-msu6-6ceu-sfhp" }, { "vulnerability": "VCID-mvd2-c7j6-j3af" }, { "vulnerability": "VCID-n48p-tmcx-nbgz" }, { "vulnerability": "VCID-ngd2-qzsa-ubdv" }, { "vulnerability": "VCID-nvfv-wvym-z3dd" }, { "vulnerability": "VCID-nvj2-7te9-b7d6" }, { "vulnerability": "VCID-nvng-rhqm-rydz" }, { "vulnerability": "VCID-p2z3-j6kf-p3dd" }, { "vulnerability": "VCID-p323-2gvz-y3h8" }, { "vulnerability": "VCID-p5t8-35k8-sqfa" }, { "vulnerability": "VCID-peue-bqmn-uqfg" }, { "vulnerability": "VCID-pgwz-utzn-hkh9" }, { "vulnerability": "VCID-ps14-2s8s-u3cr" }, { "vulnerability": "VCID-q2ga-y533-jqcj" }, { "vulnerability": "VCID-q35a-hgz8-nfdr" }, { "vulnerability": "VCID-q8c5-tvhr-z3dt" }, { "vulnerability": "VCID-q9ch-e5ap-3fgb" }, { "vulnerability": "VCID-qa1r-3bun-f7e1" }, { "vulnerability": "VCID-qe3m-tepe-sqbq" }, { "vulnerability": "VCID-qg3u-d5ad-wbhh" }, { "vulnerability": "VCID-qgzx-tdkx-5fb5" }, { "vulnerability": "VCID-qmh5-jqk8-4kb1" }, { "vulnerability": "VCID-qr4x-dcdm-ryff" }, { "vulnerability": "VCID-r184-6v15-tqgm" }, { "vulnerability": "VCID-r1ps-696b-eydq" }, { "vulnerability": "VCID-r39c-4e32-efef" }, { "vulnerability": "VCID-r97s-gcmq-57bz" }, { "vulnerability": "VCID-rvbe-fjhx-k3d8" }, { "vulnerability": "VCID-rwg3-mgdg-53gu" }, { "vulnerability": "VCID-rwm5-mh67-ffak" }, { "vulnerability": "VCID-rz6u-b53k-mugy" }, { "vulnerability": "VCID-rz6x-pgk3-pkhq" }, { "vulnerability": "VCID-s14j-5by2-wkad" }, { "vulnerability": "VCID-s1sv-bbdn-dufy" }, { "vulnerability": "VCID-s9h2-34vm-uuee" }, { "vulnerability": "VCID-tdhn-4egx-zkfk" }, { "vulnerability": "VCID-tes7-qh2s-c3fc" }, { "vulnerability": "VCID-tf8j-fa4n-2qcy" }, { "vulnerability": "VCID-tsf8-btra-gugr" }, { "vulnerability": "VCID-ty1g-525f-jkan" }, { "vulnerability": "VCID-u5k6-91yj-hygz" }, { "vulnerability": "VCID-u91f-w6ux-zkgm" }, { "vulnerability": "VCID-ucn5-x3dt-27gy" }, { "vulnerability": "VCID-udg9-wgju-gfem" }, { "vulnerability": "VCID-uqae-1yv2-fuc2" }, { "vulnerability": "VCID-urvs-ucet-y7ba" }, { "vulnerability": "VCID-uunc-4x3a-ukf3" }, { "vulnerability": "VCID-uxua-8x9x-qqd8" }, { "vulnerability": "VCID-v6yx-yd5n-1kfy" }, { "vulnerability": "VCID-v7xq-gfna-5kfw" }, { "vulnerability": "VCID-v95c-y9at-gqd6" }, { "vulnerability": "VCID-vdrh-8w5d-dffg" }, { "vulnerability": "VCID-vpu8-vm54-jqhy" }, { "vulnerability": "VCID-vsxn-sk73-dbg5" }, { "vulnerability": "VCID-vzpd-apmu-xbe4" }, { "vulnerability": "VCID-wd74-3jrn-tqag" }, { "vulnerability": "VCID-wdpc-4xjf-pqgh" }, { "vulnerability": "VCID-wskj-uyt9-akab" }, { "vulnerability": "VCID-x4pj-t6q1-m7ga" }, { "vulnerability": "VCID-xb6k-1cfd-ykb9" }, { "vulnerability": "VCID-xdz6-2ckp-a3dw" }, { "vulnerability": "VCID-xk5n-nxxm-j7fr" }, { "vulnerability": "VCID-xt2w-1h6g-2qe5" }, { "vulnerability": "VCID-xt64-z2u2-kkd6" }, { "vulnerability": "VCID-xvm3-prar-bqg3" }, { "vulnerability": "VCID-y5ak-4gg9-sqaj" }, { "vulnerability": "VCID-ykwa-vws8-3kfj" }, { "vulnerability": "VCID-ync7-cxk4-byfg" }, { "vulnerability": "VCID-yp3u-58s2-wuh6" }, { "vulnerability": "VCID-ypp9-9yup-33h6" }, { "vulnerability": "VCID-yq3m-mr4f-kfgw" }, { "vulnerability": "VCID-yy39-1a1s-sqe4" }, { "vulnerability": "VCID-z7f3-8vck-t7aj" }, { "vulnerability": "VCID-zcdc-4zmj-syct" }, { "vulnerability": "VCID-zmpk-rg58-t3g6" }, { "vulnerability": "VCID-zsqp-n2df-3fcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.0" } ], "aliases": [ "CVE-2020-15265", "GHSA-rrfp-j2mp-hq9c", "PYSEC-2020-138", "PYSEC-2020-295", "PYSEC-2020-330" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-26ws-81w3-q7cz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35646?format=api", "vulnerability_id": "VCID-4p31-hqj7-kfau", "summary": "In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to `dlpack.to_dlpack` there is a memory leak following an expected validation failure. The issue occurs because the `status` argument during validation failures is not properly checked. Since each of the above methods can return an error status, the `status` value must be checked before continuing. The issue is patched in commit 22e07fb204386768e5bcbea563641ea11f96ceb8 and is released in TensorFlow versions 2.2.1, or 2.3.1.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/22e07fb204386768e5bcbea563641ea11f96ceb8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/22e07fb204386768e5bcbea563641ea11f96ceb8" }, { "reference_url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fxw-76px-3rxv", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fxw-76px-3rxv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18365?format=api", "purl": "pkg:pypi/tensorflow@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12ag-tat1-gka9" }, { "vulnerability": "VCID-16jz-8vkj-eud8" }, { "vulnerability": "VCID-16mm-ycqw-uqek" }, { "vulnerability": "VCID-18bk-11va-3bdt" }, { "vulnerability": "VCID-1966-8tnk-77gv" }, { "vulnerability": "VCID-196x-apq7-h7e7" }, { "vulnerability": "VCID-19ka-ye78-gkak" }, { "vulnerability": "VCID-1d58-76k6-gqhe" }, { "vulnerability": "VCID-1evq-xf8d-tbaj" }, { "vulnerability": "VCID-1sqz-62wf-nbd5" }, { "vulnerability": "VCID-21ec-1t3c-uffr" }, { "vulnerability": "VCID-2264-dhde-xkd2" }, { "vulnerability": "VCID-26ws-81w3-q7cz" }, { "vulnerability": "VCID-2k1k-p7zh-guew" }, { "vulnerability": "VCID-2pkc-gdjx-7bcf" }, { "vulnerability": "VCID-2qgn-e3gc-sffu" }, { "vulnerability": "VCID-2wfc-evgs-8qgy" }, { "vulnerability": "VCID-3643-715j-8qfb" }, { "vulnerability": "VCID-3d16-2aaa-vfdx" }, { "vulnerability": "VCID-3e9u-gag2-e3bn" }, { "vulnerability": "VCID-3jda-g49u-cydb" }, { "vulnerability": "VCID-4de1-psyn-7kej" }, { "vulnerability": "VCID-4fh9-ct4y-q7bh" }, { "vulnerability": "VCID-4ry9-3mje-w7db" }, { "vulnerability": "VCID-4ufg-8qpz-vkfh" }, { "vulnerability": "VCID-4ujh-25ns-ryge" }, { "vulnerability": "VCID-5781-vzmv-rkg4" }, { "vulnerability": "VCID-58yc-xxq9-b3cj" }, { "vulnerability": "VCID-59ck-jg98-hufk" }, { "vulnerability": "VCID-5j3t-baqf-dbhs" }, { "vulnerability": "VCID-5ke1-vz5z-qubj" }, { "vulnerability": "VCID-5m82-fmvp-4qd1" }, { "vulnerability": "VCID-5xmw-6dmh-myfd" }, { "vulnerability": "VCID-67ks-3hd1-8fff" }, { "vulnerability": "VCID-68ym-s45d-8bhk" }, { "vulnerability": "VCID-6j49-ccph-uqht" }, { "vulnerability": "VCID-6nby-ppgb-e3f7" }, { "vulnerability": "VCID-6nwu-16c4-zub4" }, { "vulnerability": "VCID-6wh3-uhcu-jqef" }, { "vulnerability": "VCID-6yd6-npyx-93cx" }, { "vulnerability": "VCID-72kc-wrzg-1fem" }, { "vulnerability": "VCID-73f5-1wu8-hyad" }, { "vulnerability": "VCID-77ap-cbge-vfam" }, { "vulnerability": "VCID-799s-fus4-nygx" }, { "vulnerability": "VCID-7avd-xuag-ybbv" }, { "vulnerability": "VCID-7gat-e8qw-e7hd" }, { "vulnerability": "VCID-7jh5-5t2v-tfey" }, { "vulnerability": "VCID-7mym-t3x9-1kba" }, { "vulnerability": "VCID-7uz4-aqf7-7kd6" }, { "vulnerability": "VCID-85jp-mtkt-6kb1" }, { "vulnerability": "VCID-88wb-nvj1-hff7" }, { "vulnerability": "VCID-8bz4-tb8u-ckdy" }, { "vulnerability": "VCID-8m8a-1xtu-6qe1" }, { "vulnerability": "VCID-8ura-ud9s-tubb" }, { "vulnerability": "VCID-8vds-6bfq-57gn" }, { "vulnerability": "VCID-8zuz-d9cs-kudv" }, { "vulnerability": "VCID-9923-nuxh-eked" }, { "vulnerability": "VCID-9arq-1tkc-9ygx" }, { "vulnerability": "VCID-9m2f-4p8m-yudc" }, { "vulnerability": "VCID-9ngh-ejcp-5uam" }, { "vulnerability": "VCID-9z61-fqek-cyfd" }, { "vulnerability": "VCID-a1qw-qqgu-yba7" }, { "vulnerability": "VCID-agdq-htep-yqd8" }, { "vulnerability": "VCID-at48-mrdj-a3en" }, { "vulnerability": "VCID-au3q-9qpz-pkgy" }, { "vulnerability": "VCID-awrv-vnbj-3kg6" }, { "vulnerability": "VCID-b23t-3kmy-ubea" }, { "vulnerability": "VCID-bgt5-979r-auc5" }, { "vulnerability": "VCID-bh5b-u3zt-puf9" }, { "vulnerability": "VCID-bnhj-ujmq-mqad" }, { "vulnerability": "VCID-bpf4-92yf-mbc3" }, { "vulnerability": "VCID-bqz5-ccx5-v3ga" }, { "vulnerability": "VCID-bvkn-s2tz-2fdz" }, { "vulnerability": "VCID-c3wv-ty85-nqhc" }, { "vulnerability": "VCID-c58x-wt2g-r7h4" }, { "vulnerability": "VCID-c9xx-2q93-tuau" }, { "vulnerability": "VCID-c9y5-6qrm-eud4" }, { "vulnerability": "VCID-cbgv-kvzc-gffm" }, { "vulnerability": "VCID-cejb-v628-1ffm" }, { "vulnerability": "VCID-cqub-cr1u-hfgq" }, { "vulnerability": "VCID-cswq-zynn-h7ct" }, { "vulnerability": "VCID-cw38-rqj2-wqdz" }, { "vulnerability": "VCID-cwdj-z1sm-9yhg" }, { "vulnerability": "VCID-dc34-decx-k3hh" }, { "vulnerability": "VCID-dcp4-adwb-efd7" }, { "vulnerability": "VCID-ddza-zrpb-s7bp" }, { "vulnerability": "VCID-dkd3-m81p-afga" }, { "vulnerability": "VCID-dkne-cc8g-qqfb" }, { "vulnerability": "VCID-dzps-vajm-zyc7" }, { "vulnerability": "VCID-ebhp-jwrs-97en" }, { "vulnerability": "VCID-ek6s-f4ee-pqdb" }, { "vulnerability": "VCID-ek9g-fqpc-s7a5" }, { "vulnerability": "VCID-ep2z-xrdv-tyhh" }, { "vulnerability": "VCID-ewrz-th6a-augc" }, { "vulnerability": "VCID-f1y6-1m5y-nyeb" }, { "vulnerability": "VCID-f8h7-zfxn-wbaj" }, { "vulnerability": "VCID-ff6q-r2px-skfx" }, { "vulnerability": "VCID-ffnh-y8v7-9yg7" }, { "vulnerability": "VCID-fs5e-w6u9-t3e3" }, { "vulnerability": "VCID-fsvt-37wk-3ban" }, { "vulnerability": "VCID-g3af-vhsj-sfbq" }, { "vulnerability": "VCID-gfss-uup9-vbcg" }, { "vulnerability": "VCID-gkfg-96vh-4yfh" }, { "vulnerability": "VCID-gtvx-jmfk-m3as" }, { "vulnerability": "VCID-h4v7-a4q6-vkbk" }, { "vulnerability": "VCID-h638-b3zk-wqfa" }, { "vulnerability": "VCID-hfdu-27kr-sydk" }, { "vulnerability": "VCID-hfpv-3wqv-efcc" }, { "vulnerability": "VCID-hjh6-h2qm-qqf1" }, { "vulnerability": "VCID-hqmg-s8md-nfdg" }, { "vulnerability": "VCID-hxcf-s6zm-vkf4" }, { "vulnerability": "VCID-hyby-xv7h-dfhv" }, { "vulnerability": "VCID-j5dh-pqjc-6khb" }, { "vulnerability": "VCID-jcsd-39zt-mff3" }, { "vulnerability": "VCID-jhes-k3ad-eudj" }, { "vulnerability": "VCID-jhg2-36wx-3yak" }, { "vulnerability": "VCID-jw2t-x5rp-cuak" }, { "vulnerability": "VCID-jzyy-uhc2-mygp" }, { "vulnerability": "VCID-k2gy-5yy5-1bda" }, { "vulnerability": "VCID-k3c7-w97n-abgn" }, { "vulnerability": "VCID-k5j6-8e9q-ebfh" }, { "vulnerability": "VCID-k9e7-kmzx-wqbn" }, { "vulnerability": "VCID-kh95-uhfy-4bap" }, { "vulnerability": "VCID-kq2a-p2fu-n7gc" }, { "vulnerability": "VCID-ktkb-wn56-qfdk" }, { "vulnerability": "VCID-mgmu-rmp5-j3dg" }, { "vulnerability": "VCID-msu6-6ceu-sfhp" }, { "vulnerability": "VCID-mvd2-c7j6-j3af" }, { "vulnerability": "VCID-n48p-tmcx-nbgz" }, { "vulnerability": "VCID-ngd2-qzsa-ubdv" }, { "vulnerability": "VCID-nvfv-wvym-z3dd" }, { "vulnerability": "VCID-nvj2-7te9-b7d6" }, { "vulnerability": "VCID-nvng-rhqm-rydz" }, { "vulnerability": "VCID-p2z3-j6kf-p3dd" }, { "vulnerability": "VCID-p323-2gvz-y3h8" }, { "vulnerability": "VCID-p5t8-35k8-sqfa" }, { "vulnerability": "VCID-peue-bqmn-uqfg" }, { "vulnerability": "VCID-pgwz-utzn-hkh9" }, { "vulnerability": "VCID-ps14-2s8s-u3cr" }, { "vulnerability": "VCID-q2ga-y533-jqcj" }, { "vulnerability": "VCID-q35a-hgz8-nfdr" }, { "vulnerability": "VCID-q8c5-tvhr-z3dt" }, { "vulnerability": "VCID-q9ch-e5ap-3fgb" }, { "vulnerability": "VCID-qa1r-3bun-f7e1" }, { "vulnerability": "VCID-qe3m-tepe-sqbq" }, { "vulnerability": "VCID-qg3u-d5ad-wbhh" }, { "vulnerability": "VCID-qgzx-tdkx-5fb5" }, { "vulnerability": "VCID-qmh5-jqk8-4kb1" }, { "vulnerability": "VCID-qr4x-dcdm-ryff" }, { "vulnerability": "VCID-r184-6v15-tqgm" }, { "vulnerability": "VCID-r1ps-696b-eydq" }, { "vulnerability": "VCID-r39c-4e32-efef" }, { "vulnerability": "VCID-r97s-gcmq-57bz" }, { "vulnerability": "VCID-rvbe-fjhx-k3d8" }, { "vulnerability": "VCID-rwg3-mgdg-53gu" }, { "vulnerability": "VCID-rwm5-mh67-ffak" }, { "vulnerability": "VCID-rz6u-b53k-mugy" }, { "vulnerability": "VCID-rz6x-pgk3-pkhq" }, { "vulnerability": "VCID-s11w-7r7p-g3dt" }, { "vulnerability": "VCID-s14j-5by2-wkad" }, { "vulnerability": "VCID-s1sv-bbdn-dufy" }, { "vulnerability": "VCID-s9h2-34vm-uuee" }, { "vulnerability": "VCID-tdhn-4egx-zkfk" }, { "vulnerability": "VCID-tes7-qh2s-c3fc" }, { "vulnerability": "VCID-tf8j-fa4n-2qcy" }, { "vulnerability": "VCID-tsf8-btra-gugr" }, { "vulnerability": "VCID-tu1g-gp43-yyar" }, { "vulnerability": "VCID-ty1g-525f-jkan" }, { "vulnerability": "VCID-u5k6-91yj-hygz" }, { "vulnerability": "VCID-u91f-w6ux-zkgm" }, { "vulnerability": "VCID-ucn5-x3dt-27gy" }, { "vulnerability": "VCID-udg9-wgju-gfem" }, { "vulnerability": "VCID-uqae-1yv2-fuc2" }, { "vulnerability": "VCID-urvs-ucet-y7ba" }, { "vulnerability": "VCID-uunc-4x3a-ukf3" }, { "vulnerability": "VCID-uxua-8x9x-qqd8" }, { "vulnerability": "VCID-v4z1-cx3v-jffz" }, { "vulnerability": "VCID-v6yx-yd5n-1kfy" }, { "vulnerability": "VCID-v7xq-gfna-5kfw" }, { "vulnerability": "VCID-v95c-y9at-gqd6" }, { "vulnerability": "VCID-vdrh-8w5d-dffg" }, { "vulnerability": "VCID-vpu8-vm54-jqhy" }, { "vulnerability": "VCID-vsxn-sk73-dbg5" }, { "vulnerability": "VCID-vzpd-apmu-xbe4" }, { "vulnerability": "VCID-wd74-3jrn-tqag" }, { "vulnerability": "VCID-wdpc-4xjf-pqgh" }, { "vulnerability": "VCID-wskj-uyt9-akab" }, { "vulnerability": "VCID-x4pj-t6q1-m7ga" }, { "vulnerability": "VCID-xb6k-1cfd-ykb9" }, { "vulnerability": "VCID-xdz6-2ckp-a3dw" }, { "vulnerability": "VCID-xk5n-nxxm-j7fr" }, { "vulnerability": "VCID-xt2w-1h6g-2qe5" }, { "vulnerability": "VCID-xt64-z2u2-kkd6" }, { "vulnerability": "VCID-xvm3-prar-bqg3" }, { "vulnerability": "VCID-y5ak-4gg9-sqaj" }, { "vulnerability": "VCID-ykwa-vws8-3kfj" }, { "vulnerability": "VCID-ync7-cxk4-byfg" }, { "vulnerability": "VCID-yp3u-58s2-wuh6" }, { "vulnerability": "VCID-ypp9-9yup-33h6" }, { "vulnerability": "VCID-yq3m-mr4f-kfgw" }, { "vulnerability": "VCID-yy39-1a1s-sqe4" }, { "vulnerability": "VCID-z7f3-8vck-t7aj" }, { "vulnerability": "VCID-zcdc-4zmj-syct" }, { "vulnerability": "VCID-zmpk-rg58-t3g6" }, { "vulnerability": "VCID-zsqp-n2df-3fcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.3.1" } ], "aliases": [ "CVE-2020-15192", "GHSA-8fxw-76px-3rxv", "PYSEC-2020-115", "PYSEC-2020-272", "PYSEC-2020-307" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4p31-hqj7-kfau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5138?format=api", "vulnerability_id": "VCID-5781-vzmv-rkg4", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-611.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-611.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-809.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-809.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-394.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-394.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f09caa532b6e1ac8d2aa61b7832c78c5b79300c6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/f09caa532b6e1ac8d2aa61b7832c78c5b79300c6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j86v-p27c-73fm", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j86v-p27c-73fm" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41201", "reference_id": "CVE-2021-41201", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41201" }, { "reference_url": "https://github.com/advisories/GHSA-j86v-p27c-73fm", "reference_id": "GHSA-j86v-p27c-73fm", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-j86v-p27c-73fm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41201", "GHSA-j86v-p27c-73fm", "PYSEC-2021-394", "PYSEC-2021-611", "PYSEC-2021-809" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5781-vzmv-rkg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35636?format=api", "vulnerability_id": "VCID-5gv5-xuze-q7he", "summary": "In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the `splits` tensor generate a valid partitioning of the `values` tensor. Thus, the code sets up conditions to cause a heap buffer overflow. A `BatchedMap` is equivalent to a vector where each element is a hashmap. However, if the first element of `splits_values` is not 0, `batch_idx` will never be 1, hence there will be no hashmap at index 0 in `per_batch_counts`. Trying to access that in the user code results in a segmentation fault. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.", "references": [ { "reference_url": "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02" }, { "reference_url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x7rp-74x2-mjf3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x7rp-74x2-mjf3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18365?format=api", "purl": "pkg:pypi/tensorflow@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12ag-tat1-gka9" }, { "vulnerability": "VCID-16jz-8vkj-eud8" }, { "vulnerability": "VCID-16mm-ycqw-uqek" }, { "vulnerability": "VCID-18bk-11va-3bdt" }, { "vulnerability": "VCID-1966-8tnk-77gv" }, { "vulnerability": "VCID-196x-apq7-h7e7" }, { "vulnerability": "VCID-19ka-ye78-gkak" }, { "vulnerability": "VCID-1d58-76k6-gqhe" }, { "vulnerability": "VCID-1evq-xf8d-tbaj" }, { "vulnerability": "VCID-1sqz-62wf-nbd5" }, { "vulnerability": "VCID-21ec-1t3c-uffr" }, { "vulnerability": "VCID-2264-dhde-xkd2" }, { "vulnerability": "VCID-26ws-81w3-q7cz" }, { "vulnerability": "VCID-2k1k-p7zh-guew" }, { "vulnerability": "VCID-2pkc-gdjx-7bcf" }, { "vulnerability": "VCID-2qgn-e3gc-sffu" }, { "vulnerability": "VCID-2wfc-evgs-8qgy" }, { "vulnerability": "VCID-3643-715j-8qfb" }, { "vulnerability": "VCID-3d16-2aaa-vfdx" }, { "vulnerability": "VCID-3e9u-gag2-e3bn" }, { "vulnerability": "VCID-3jda-g49u-cydb" }, { "vulnerability": "VCID-4de1-psyn-7kej" }, { "vulnerability": "VCID-4fh9-ct4y-q7bh" }, { "vulnerability": "VCID-4ry9-3mje-w7db" }, { "vulnerability": "VCID-4ufg-8qpz-vkfh" }, { "vulnerability": "VCID-4ujh-25ns-ryge" }, { "vulnerability": "VCID-5781-vzmv-rkg4" }, { "vulnerability": "VCID-58yc-xxq9-b3cj" }, { "vulnerability": "VCID-59ck-jg98-hufk" }, { "vulnerability": "VCID-5j3t-baqf-dbhs" }, { "vulnerability": "VCID-5ke1-vz5z-qubj" }, { "vulnerability": "VCID-5m82-fmvp-4qd1" }, { "vulnerability": "VCID-5xmw-6dmh-myfd" }, { "vulnerability": "VCID-67ks-3hd1-8fff" }, { "vulnerability": "VCID-68ym-s45d-8bhk" }, { "vulnerability": "VCID-6j49-ccph-uqht" }, { "vulnerability": "VCID-6nby-ppgb-e3f7" }, { "vulnerability": "VCID-6nwu-16c4-zub4" }, { "vulnerability": "VCID-6wh3-uhcu-jqef" }, { "vulnerability": "VCID-6yd6-npyx-93cx" }, { "vulnerability": "VCID-72kc-wrzg-1fem" }, { "vulnerability": "VCID-73f5-1wu8-hyad" }, { "vulnerability": "VCID-77ap-cbge-vfam" }, { "vulnerability": "VCID-799s-fus4-nygx" }, { "vulnerability": "VCID-7avd-xuag-ybbv" }, { "vulnerability": "VCID-7gat-e8qw-e7hd" }, { "vulnerability": "VCID-7jh5-5t2v-tfey" }, { "vulnerability": "VCID-7mym-t3x9-1kba" }, { "vulnerability": "VCID-7uz4-aqf7-7kd6" }, { "vulnerability": "VCID-85jp-mtkt-6kb1" }, { "vulnerability": "VCID-88wb-nvj1-hff7" }, { "vulnerability": "VCID-8bz4-tb8u-ckdy" }, { "vulnerability": "VCID-8m8a-1xtu-6qe1" }, { "vulnerability": "VCID-8ura-ud9s-tubb" }, { "vulnerability": "VCID-8vds-6bfq-57gn" }, { "vulnerability": "VCID-8zuz-d9cs-kudv" }, { "vulnerability": "VCID-9923-nuxh-eked" }, { "vulnerability": "VCID-9arq-1tkc-9ygx" }, { "vulnerability": "VCID-9m2f-4p8m-yudc" }, { "vulnerability": "VCID-9ngh-ejcp-5uam" }, { "vulnerability": "VCID-9z61-fqek-cyfd" }, { "vulnerability": "VCID-a1qw-qqgu-yba7" }, { "vulnerability": "VCID-agdq-htep-yqd8" }, { "vulnerability": "VCID-at48-mrdj-a3en" }, { "vulnerability": "VCID-au3q-9qpz-pkgy" }, { "vulnerability": "VCID-awrv-vnbj-3kg6" }, { "vulnerability": "VCID-b23t-3kmy-ubea" }, { "vulnerability": "VCID-bgt5-979r-auc5" }, { "vulnerability": "VCID-bh5b-u3zt-puf9" }, { "vulnerability": "VCID-bnhj-ujmq-mqad" }, { "vulnerability": "VCID-bpf4-92yf-mbc3" }, { "vulnerability": "VCID-bqz5-ccx5-v3ga" }, { "vulnerability": "VCID-bvkn-s2tz-2fdz" }, { "vulnerability": "VCID-c3wv-ty85-nqhc" }, { "vulnerability": "VCID-c58x-wt2g-r7h4" }, { "vulnerability": "VCID-c9xx-2q93-tuau" }, { "vulnerability": "VCID-c9y5-6qrm-eud4" }, { "vulnerability": "VCID-cbgv-kvzc-gffm" }, { "vulnerability": "VCID-cejb-v628-1ffm" }, { "vulnerability": "VCID-cqub-cr1u-hfgq" }, { "vulnerability": "VCID-cswq-zynn-h7ct" }, { "vulnerability": "VCID-cw38-rqj2-wqdz" }, { "vulnerability": "VCID-cwdj-z1sm-9yhg" }, { "vulnerability": "VCID-dc34-decx-k3hh" }, { "vulnerability": "VCID-dcp4-adwb-efd7" }, { "vulnerability": "VCID-ddza-zrpb-s7bp" }, { "vulnerability": "VCID-dkd3-m81p-afga" }, { "vulnerability": "VCID-dkne-cc8g-qqfb" }, { "vulnerability": "VCID-dzps-vajm-zyc7" }, { "vulnerability": "VCID-ebhp-jwrs-97en" }, { "vulnerability": "VCID-ek6s-f4ee-pqdb" }, { "vulnerability": "VCID-ek9g-fqpc-s7a5" }, { "vulnerability": "VCID-ep2z-xrdv-tyhh" }, { "vulnerability": "VCID-ewrz-th6a-augc" }, { "vulnerability": "VCID-f1y6-1m5y-nyeb" }, { "vulnerability": "VCID-f8h7-zfxn-wbaj" }, { "vulnerability": "VCID-ff6q-r2px-skfx" }, { "vulnerability": "VCID-ffnh-y8v7-9yg7" }, { "vulnerability": "VCID-fs5e-w6u9-t3e3" }, { "vulnerability": "VCID-fsvt-37wk-3ban" }, { "vulnerability": "VCID-g3af-vhsj-sfbq" }, { "vulnerability": "VCID-gfss-uup9-vbcg" }, { "vulnerability": "VCID-gkfg-96vh-4yfh" }, { "vulnerability": "VCID-gtvx-jmfk-m3as" }, { "vulnerability": "VCID-h4v7-a4q6-vkbk" }, { "vulnerability": "VCID-h638-b3zk-wqfa" }, { "vulnerability": "VCID-hfdu-27kr-sydk" }, { "vulnerability": "VCID-hfpv-3wqv-efcc" }, { "vulnerability": "VCID-hjh6-h2qm-qqf1" }, { "vulnerability": "VCID-hqmg-s8md-nfdg" }, { "vulnerability": "VCID-hxcf-s6zm-vkf4" }, { "vulnerability": "VCID-hyby-xv7h-dfhv" }, { "vulnerability": "VCID-j5dh-pqjc-6khb" }, { "vulnerability": "VCID-jcsd-39zt-mff3" }, { "vulnerability": "VCID-jhes-k3ad-eudj" }, { "vulnerability": "VCID-jhg2-36wx-3yak" }, { "vulnerability": "VCID-jw2t-x5rp-cuak" }, { "vulnerability": "VCID-jzyy-uhc2-mygp" }, { "vulnerability": "VCID-k2gy-5yy5-1bda" }, { "vulnerability": "VCID-k3c7-w97n-abgn" }, { "vulnerability": "VCID-k5j6-8e9q-ebfh" }, { "vulnerability": "VCID-k9e7-kmzx-wqbn" }, { "vulnerability": "VCID-kh95-uhfy-4bap" }, { "vulnerability": "VCID-kq2a-p2fu-n7gc" }, { "vulnerability": "VCID-ktkb-wn56-qfdk" }, { "vulnerability": "VCID-mgmu-rmp5-j3dg" }, { "vulnerability": "VCID-msu6-6ceu-sfhp" }, { "vulnerability": "VCID-mvd2-c7j6-j3af" }, { "vulnerability": "VCID-n48p-tmcx-nbgz" }, { "vulnerability": "VCID-ngd2-qzsa-ubdv" }, { "vulnerability": "VCID-nvfv-wvym-z3dd" }, { "vulnerability": "VCID-nvj2-7te9-b7d6" }, { "vulnerability": "VCID-nvng-rhqm-rydz" }, { "vulnerability": "VCID-p2z3-j6kf-p3dd" }, { "vulnerability": "VCID-p323-2gvz-y3h8" }, { "vulnerability": "VCID-p5t8-35k8-sqfa" }, { "vulnerability": "VCID-peue-bqmn-uqfg" }, { "vulnerability": "VCID-pgwz-utzn-hkh9" }, { "vulnerability": "VCID-ps14-2s8s-u3cr" }, { "vulnerability": "VCID-q2ga-y533-jqcj" }, { "vulnerability": "VCID-q35a-hgz8-nfdr" }, { "vulnerability": "VCID-q8c5-tvhr-z3dt" }, { "vulnerability": "VCID-q9ch-e5ap-3fgb" }, { "vulnerability": "VCID-qa1r-3bun-f7e1" }, { "vulnerability": "VCID-qe3m-tepe-sqbq" }, { "vulnerability": "VCID-qg3u-d5ad-wbhh" }, { "vulnerability": "VCID-qgzx-tdkx-5fb5" }, { "vulnerability": "VCID-qmh5-jqk8-4kb1" }, { "vulnerability": "VCID-qr4x-dcdm-ryff" }, { "vulnerability": "VCID-r184-6v15-tqgm" }, { "vulnerability": "VCID-r1ps-696b-eydq" }, { "vulnerability": "VCID-r39c-4e32-efef" }, { "vulnerability": "VCID-r97s-gcmq-57bz" }, { "vulnerability": "VCID-rvbe-fjhx-k3d8" }, { "vulnerability": "VCID-rwg3-mgdg-53gu" }, { "vulnerability": "VCID-rwm5-mh67-ffak" }, { "vulnerability": "VCID-rz6u-b53k-mugy" }, { "vulnerability": "VCID-rz6x-pgk3-pkhq" }, { "vulnerability": "VCID-s11w-7r7p-g3dt" }, { "vulnerability": "VCID-s14j-5by2-wkad" }, { "vulnerability": "VCID-s1sv-bbdn-dufy" }, { "vulnerability": "VCID-s9h2-34vm-uuee" }, { "vulnerability": "VCID-tdhn-4egx-zkfk" }, { "vulnerability": "VCID-tes7-qh2s-c3fc" }, { "vulnerability": "VCID-tf8j-fa4n-2qcy" }, { "vulnerability": "VCID-tsf8-btra-gugr" }, { "vulnerability": "VCID-tu1g-gp43-yyar" }, { "vulnerability": "VCID-ty1g-525f-jkan" }, { "vulnerability": "VCID-u5k6-91yj-hygz" }, { "vulnerability": "VCID-u91f-w6ux-zkgm" }, { "vulnerability": "VCID-ucn5-x3dt-27gy" }, { "vulnerability": "VCID-udg9-wgju-gfem" }, { "vulnerability": "VCID-uqae-1yv2-fuc2" }, { "vulnerability": "VCID-urvs-ucet-y7ba" }, { "vulnerability": "VCID-uunc-4x3a-ukf3" }, { "vulnerability": "VCID-uxua-8x9x-qqd8" }, { "vulnerability": "VCID-v4z1-cx3v-jffz" }, { "vulnerability": "VCID-v6yx-yd5n-1kfy" }, { "vulnerability": "VCID-v7xq-gfna-5kfw" }, { "vulnerability": "VCID-v95c-y9at-gqd6" }, { "vulnerability": "VCID-vdrh-8w5d-dffg" }, { "vulnerability": "VCID-vpu8-vm54-jqhy" }, { "vulnerability": "VCID-vsxn-sk73-dbg5" }, { "vulnerability": "VCID-vzpd-apmu-xbe4" }, { "vulnerability": "VCID-wd74-3jrn-tqag" }, { "vulnerability": "VCID-wdpc-4xjf-pqgh" }, { "vulnerability": "VCID-wskj-uyt9-akab" }, { "vulnerability": "VCID-x4pj-t6q1-m7ga" }, { "vulnerability": "VCID-xb6k-1cfd-ykb9" }, { "vulnerability": "VCID-xdz6-2ckp-a3dw" }, { "vulnerability": "VCID-xk5n-nxxm-j7fr" }, { "vulnerability": "VCID-xt2w-1h6g-2qe5" }, { "vulnerability": "VCID-xt64-z2u2-kkd6" }, { "vulnerability": "VCID-xvm3-prar-bqg3" }, { "vulnerability": "VCID-y5ak-4gg9-sqaj" }, { "vulnerability": "VCID-ykwa-vws8-3kfj" }, { "vulnerability": "VCID-ync7-cxk4-byfg" }, { "vulnerability": "VCID-yp3u-58s2-wuh6" }, { "vulnerability": "VCID-ypp9-9yup-33h6" }, { "vulnerability": "VCID-yq3m-mr4f-kfgw" }, { "vulnerability": "VCID-yy39-1a1s-sqe4" }, { "vulnerability": "VCID-z7f3-8vck-t7aj" }, { "vulnerability": "VCID-zcdc-4zmj-syct" }, { "vulnerability": "VCID-zmpk-rg58-t3g6" }, { "vulnerability": "VCID-zsqp-n2df-3fcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.3.1" } ], "aliases": [ "CVE-2020-15200", "GHSA-x7rp-74x2-mjf3", "PYSEC-2020-123", "PYSEC-2020-280", "PYSEC-2020-315" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5gv5-xuze-q7he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5144?format=api", "vulnerability_id": "VCID-5j3t-baqf-dbhs", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-844.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-844.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-846.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-846.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-842.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-842.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e9c81c1e1a9cd8dd31f4e83676cab61b60658429", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/e9c81c1e1a9cd8dd31f4e83676cab61b60658429" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46888", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/issues/46888" }, { "reference_url": "https://github.com/tensorflow/tensorflow/pull/51733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/pull/51733" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41195", "reference_id": "CVE-2021-41195", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41195" }, { "reference_url": "https://github.com/advisories/GHSA-cq76-mxrc-vchh", "reference_id": "GHSA-cq76-mxrc-vchh", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-cq76-mxrc-vchh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" } ], "aliases": [ "CVE-2021-41195", "GHSA-cq76-mxrc-vchh", "PYSEC-2021-842", "PYSEC-2021-844", "PYSEC-2021-846" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5j3t-baqf-dbhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5114?format=api", "vulnerability_id": "VCID-68ym-s45d-8bhk", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-634.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-634.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-832.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-832.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-417.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-417.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41225", "reference_id": "CVE-2021-41225", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41225" }, { "reference_url": "https://github.com/advisories/GHSA-7r94-xv9v-63jw", "reference_id": "GHSA-7r94-xv9v-63jw", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7r94-xv9v-63jw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41225", "GHSA-7r94-xv9v-63jw", "PYSEC-2021-417", "PYSEC-2021-634", "PYSEC-2021-832" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-68ym-s45d-8bhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5143?format=api", "vulnerability_id": "VCID-6wh3-uhcu-jqef", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-606.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-606.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-804.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-804.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-389.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-389.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/12b1ff82b3f26ff8de17e58703231d5a02ef1b8b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/12b1ff82b3f26ff8de17e58703231d5a02ef1b8b" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/51936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/issues/51936" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41196", "reference_id": "CVE-2021-41196", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41196" }, { "reference_url": "https://github.com/advisories/GHSA-m539-j985-hcr8", "reference_id": "GHSA-m539-j985-hcr8", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-m539-j985-hcr8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41196", "GHSA-m539-j985-hcr8", "PYSEC-2021-389", "PYSEC-2021-606", "PYSEC-2021-804" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wh3-uhcu-jqef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5132?format=api", "vulnerability_id": "VCID-6yd6-npyx-93cx", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-616.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-616.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-814.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-814.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-399.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-399.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/inplace_ops.cc#L72-L97", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/inplace_ops.cc#L72-L97" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/9de11bdc2cf1284b2f635419bd3e6bbc7643eb2c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/9de11bdc2cf1284b2f635419bd3e6bbc7643eb2c" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/d11f21bbdfa54f3576ae860fc927bf23c675ebc0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/d11f21bbdfa54f3576ae860fc927bf23c675ebc0" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e67caccea81167402c62977b5c521f2a8b261d6a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/e67caccea81167402c62977b5c521f2a8b261d6a" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7v94-64hj-m82h", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7v94-64hj-m82h" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41207", "reference_id": "CVE-2021-41207", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41207" }, { "reference_url": "https://github.com/advisories/GHSA-7v94-64hj-m82h", "reference_id": "GHSA-7v94-64hj-m82h", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7v94-64hj-m82h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41207", "GHSA-7v94-64hj-m82h", "PYSEC-2021-399", "PYSEC-2021-616", "PYSEC-2021-814" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6yd6-npyx-93cx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35638?format=api", "vulnerability_id": "VCID-79xv-tn5e-xqgr", "summary": "In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the `indices` tensor has rank 2. This tensor must be a matrix because code assumes its elements are accessed as elements of a matrix. However, malicious users can pass in tensors of different rank, resulting in a `CHECK` assertion failure and a crash. This can be used to cause denial of service in serving installations, if users are allowed to control the components of the input sparse tensor. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.", "references": [ { "reference_url": "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02" }, { "reference_url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qc53-44cj-vfvx", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qc53-44cj-vfvx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18365?format=api", "purl": "pkg:pypi/tensorflow@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12ag-tat1-gka9" }, { "vulnerability": "VCID-16jz-8vkj-eud8" }, { "vulnerability": "VCID-16mm-ycqw-uqek" }, { "vulnerability": "VCID-18bk-11va-3bdt" }, { "vulnerability": "VCID-1966-8tnk-77gv" }, { "vulnerability": "VCID-196x-apq7-h7e7" }, { "vulnerability": "VCID-19ka-ye78-gkak" }, { "vulnerability": "VCID-1d58-76k6-gqhe" }, { "vulnerability": "VCID-1evq-xf8d-tbaj" }, { "vulnerability": "VCID-1sqz-62wf-nbd5" }, { "vulnerability": "VCID-21ec-1t3c-uffr" }, { "vulnerability": "VCID-2264-dhde-xkd2" }, { "vulnerability": "VCID-26ws-81w3-q7cz" }, { "vulnerability": "VCID-2k1k-p7zh-guew" }, { "vulnerability": "VCID-2pkc-gdjx-7bcf" }, { "vulnerability": "VCID-2qgn-e3gc-sffu" }, { "vulnerability": "VCID-2wfc-evgs-8qgy" }, { "vulnerability": "VCID-3643-715j-8qfb" }, { "vulnerability": "VCID-3d16-2aaa-vfdx" }, { "vulnerability": "VCID-3e9u-gag2-e3bn" }, { "vulnerability": "VCID-3jda-g49u-cydb" }, { "vulnerability": "VCID-4de1-psyn-7kej" }, { "vulnerability": "VCID-4fh9-ct4y-q7bh" }, { "vulnerability": "VCID-4ry9-3mje-w7db" }, { "vulnerability": "VCID-4ufg-8qpz-vkfh" }, { "vulnerability": "VCID-4ujh-25ns-ryge" }, { "vulnerability": "VCID-5781-vzmv-rkg4" }, { "vulnerability": "VCID-58yc-xxq9-b3cj" }, { "vulnerability": "VCID-59ck-jg98-hufk" }, { "vulnerability": "VCID-5j3t-baqf-dbhs" }, { "vulnerability": "VCID-5ke1-vz5z-qubj" }, { "vulnerability": "VCID-5m82-fmvp-4qd1" }, { "vulnerability": "VCID-5xmw-6dmh-myfd" }, { "vulnerability": "VCID-67ks-3hd1-8fff" }, { "vulnerability": "VCID-68ym-s45d-8bhk" }, { "vulnerability": "VCID-6j49-ccph-uqht" }, { "vulnerability": "VCID-6nby-ppgb-e3f7" }, { "vulnerability": "VCID-6nwu-16c4-zub4" }, { "vulnerability": "VCID-6wh3-uhcu-jqef" }, { "vulnerability": "VCID-6yd6-npyx-93cx" }, { "vulnerability": "VCID-72kc-wrzg-1fem" }, { "vulnerability": "VCID-73f5-1wu8-hyad" }, { "vulnerability": "VCID-77ap-cbge-vfam" }, { "vulnerability": "VCID-799s-fus4-nygx" }, { "vulnerability": "VCID-7avd-xuag-ybbv" }, { "vulnerability": "VCID-7gat-e8qw-e7hd" }, { "vulnerability": "VCID-7jh5-5t2v-tfey" }, { "vulnerability": "VCID-7mym-t3x9-1kba" }, { "vulnerability": "VCID-7uz4-aqf7-7kd6" }, { "vulnerability": "VCID-85jp-mtkt-6kb1" }, { "vulnerability": "VCID-88wb-nvj1-hff7" }, { "vulnerability": "VCID-8bz4-tb8u-ckdy" }, { "vulnerability": "VCID-8m8a-1xtu-6qe1" }, { "vulnerability": "VCID-8ura-ud9s-tubb" }, { "vulnerability": "VCID-8vds-6bfq-57gn" }, { "vulnerability": "VCID-8zuz-d9cs-kudv" }, { "vulnerability": "VCID-9923-nuxh-eked" }, { "vulnerability": "VCID-9arq-1tkc-9ygx" }, { "vulnerability": "VCID-9m2f-4p8m-yudc" }, { "vulnerability": "VCID-9ngh-ejcp-5uam" }, { "vulnerability": "VCID-9z61-fqek-cyfd" }, { "vulnerability": "VCID-a1qw-qqgu-yba7" }, { "vulnerability": "VCID-agdq-htep-yqd8" }, { "vulnerability": "VCID-at48-mrdj-a3en" }, { "vulnerability": "VCID-au3q-9qpz-pkgy" }, { "vulnerability": "VCID-awrv-vnbj-3kg6" }, { "vulnerability": "VCID-b23t-3kmy-ubea" }, { "vulnerability": "VCID-bgt5-979r-auc5" }, { "vulnerability": "VCID-bh5b-u3zt-puf9" }, { "vulnerability": "VCID-bnhj-ujmq-mqad" }, { "vulnerability": "VCID-bpf4-92yf-mbc3" }, { "vulnerability": "VCID-bqz5-ccx5-v3ga" }, { "vulnerability": "VCID-bvkn-s2tz-2fdz" }, { "vulnerability": "VCID-c3wv-ty85-nqhc" }, { "vulnerability": "VCID-c58x-wt2g-r7h4" }, { "vulnerability": "VCID-c9xx-2q93-tuau" }, { "vulnerability": "VCID-c9y5-6qrm-eud4" }, { "vulnerability": "VCID-cbgv-kvzc-gffm" }, { "vulnerability": "VCID-cejb-v628-1ffm" }, { "vulnerability": "VCID-cqub-cr1u-hfgq" }, { "vulnerability": "VCID-cswq-zynn-h7ct" }, { "vulnerability": "VCID-cw38-rqj2-wqdz" }, { "vulnerability": "VCID-cwdj-z1sm-9yhg" }, { "vulnerability": "VCID-dc34-decx-k3hh" }, { "vulnerability": "VCID-dcp4-adwb-efd7" }, { "vulnerability": "VCID-ddza-zrpb-s7bp" }, { "vulnerability": "VCID-dkd3-m81p-afga" }, { "vulnerability": "VCID-dkne-cc8g-qqfb" }, { "vulnerability": "VCID-dzps-vajm-zyc7" }, { "vulnerability": "VCID-ebhp-jwrs-97en" }, { "vulnerability": "VCID-ek6s-f4ee-pqdb" }, { "vulnerability": "VCID-ek9g-fqpc-s7a5" }, { "vulnerability": "VCID-ep2z-xrdv-tyhh" }, { "vulnerability": "VCID-ewrz-th6a-augc" }, { "vulnerability": "VCID-f1y6-1m5y-nyeb" }, { "vulnerability": "VCID-f8h7-zfxn-wbaj" }, { "vulnerability": "VCID-ff6q-r2px-skfx" }, { "vulnerability": "VCID-ffnh-y8v7-9yg7" }, { "vulnerability": "VCID-fs5e-w6u9-t3e3" }, { "vulnerability": "VCID-fsvt-37wk-3ban" }, { "vulnerability": "VCID-g3af-vhsj-sfbq" }, { "vulnerability": "VCID-gfss-uup9-vbcg" }, { "vulnerability": "VCID-gkfg-96vh-4yfh" }, { "vulnerability": "VCID-gtvx-jmfk-m3as" }, { "vulnerability": "VCID-h4v7-a4q6-vkbk" }, { "vulnerability": "VCID-h638-b3zk-wqfa" }, { "vulnerability": "VCID-hfdu-27kr-sydk" }, { "vulnerability": "VCID-hfpv-3wqv-efcc" }, { "vulnerability": "VCID-hjh6-h2qm-qqf1" }, { "vulnerability": "VCID-hqmg-s8md-nfdg" }, { "vulnerability": "VCID-hxcf-s6zm-vkf4" }, { "vulnerability": "VCID-hyby-xv7h-dfhv" }, { "vulnerability": "VCID-j5dh-pqjc-6khb" }, { "vulnerability": "VCID-jcsd-39zt-mff3" }, { "vulnerability": "VCID-jhes-k3ad-eudj" }, { "vulnerability": "VCID-jhg2-36wx-3yak" }, { "vulnerability": "VCID-jw2t-x5rp-cuak" }, { "vulnerability": "VCID-jzyy-uhc2-mygp" }, { "vulnerability": "VCID-k2gy-5yy5-1bda" }, { "vulnerability": "VCID-k3c7-w97n-abgn" }, { "vulnerability": "VCID-k5j6-8e9q-ebfh" }, { "vulnerability": "VCID-k9e7-kmzx-wqbn" }, { "vulnerability": "VCID-kh95-uhfy-4bap" }, { "vulnerability": "VCID-kq2a-p2fu-n7gc" }, { "vulnerability": "VCID-ktkb-wn56-qfdk" }, { "vulnerability": "VCID-mgmu-rmp5-j3dg" }, { "vulnerability": "VCID-msu6-6ceu-sfhp" }, { "vulnerability": "VCID-mvd2-c7j6-j3af" }, { "vulnerability": "VCID-n48p-tmcx-nbgz" }, { "vulnerability": "VCID-ngd2-qzsa-ubdv" }, { "vulnerability": "VCID-nvfv-wvym-z3dd" }, { "vulnerability": "VCID-nvj2-7te9-b7d6" }, { "vulnerability": "VCID-nvng-rhqm-rydz" }, { "vulnerability": "VCID-p2z3-j6kf-p3dd" }, { "vulnerability": "VCID-p323-2gvz-y3h8" }, { "vulnerability": "VCID-p5t8-35k8-sqfa" }, { "vulnerability": "VCID-peue-bqmn-uqfg" }, { "vulnerability": "VCID-pgwz-utzn-hkh9" }, { "vulnerability": "VCID-ps14-2s8s-u3cr" }, { "vulnerability": "VCID-q2ga-y533-jqcj" }, { "vulnerability": "VCID-q35a-hgz8-nfdr" }, { "vulnerability": "VCID-q8c5-tvhr-z3dt" }, { "vulnerability": "VCID-q9ch-e5ap-3fgb" }, { "vulnerability": "VCID-qa1r-3bun-f7e1" }, { "vulnerability": "VCID-qe3m-tepe-sqbq" }, { "vulnerability": "VCID-qg3u-d5ad-wbhh" }, { "vulnerability": "VCID-qgzx-tdkx-5fb5" }, { "vulnerability": "VCID-qmh5-jqk8-4kb1" }, { "vulnerability": "VCID-qr4x-dcdm-ryff" }, { "vulnerability": "VCID-r184-6v15-tqgm" }, { "vulnerability": "VCID-r1ps-696b-eydq" }, { "vulnerability": "VCID-r39c-4e32-efef" }, { "vulnerability": "VCID-r97s-gcmq-57bz" }, { "vulnerability": "VCID-rvbe-fjhx-k3d8" }, { "vulnerability": "VCID-rwg3-mgdg-53gu" }, { "vulnerability": "VCID-rwm5-mh67-ffak" }, { "vulnerability": "VCID-rz6u-b53k-mugy" }, { "vulnerability": "VCID-rz6x-pgk3-pkhq" }, { "vulnerability": "VCID-s11w-7r7p-g3dt" }, { "vulnerability": "VCID-s14j-5by2-wkad" }, { "vulnerability": "VCID-s1sv-bbdn-dufy" }, { "vulnerability": "VCID-s9h2-34vm-uuee" }, { "vulnerability": "VCID-tdhn-4egx-zkfk" }, { "vulnerability": "VCID-tes7-qh2s-c3fc" }, { "vulnerability": "VCID-tf8j-fa4n-2qcy" }, { "vulnerability": "VCID-tsf8-btra-gugr" }, { "vulnerability": "VCID-tu1g-gp43-yyar" }, { "vulnerability": "VCID-ty1g-525f-jkan" }, { "vulnerability": "VCID-u5k6-91yj-hygz" }, { "vulnerability": "VCID-u91f-w6ux-zkgm" }, { "vulnerability": "VCID-ucn5-x3dt-27gy" }, { "vulnerability": "VCID-udg9-wgju-gfem" }, { "vulnerability": "VCID-uqae-1yv2-fuc2" }, { "vulnerability": "VCID-urvs-ucet-y7ba" }, { "vulnerability": "VCID-uunc-4x3a-ukf3" }, { "vulnerability": "VCID-uxua-8x9x-qqd8" }, { "vulnerability": "VCID-v4z1-cx3v-jffz" }, { "vulnerability": "VCID-v6yx-yd5n-1kfy" }, { "vulnerability": "VCID-v7xq-gfna-5kfw" }, { "vulnerability": "VCID-v95c-y9at-gqd6" }, { "vulnerability": "VCID-vdrh-8w5d-dffg" }, { "vulnerability": "VCID-vpu8-vm54-jqhy" }, { "vulnerability": "VCID-vsxn-sk73-dbg5" }, { "vulnerability": "VCID-vzpd-apmu-xbe4" }, { "vulnerability": "VCID-wd74-3jrn-tqag" }, { "vulnerability": "VCID-wdpc-4xjf-pqgh" }, { "vulnerability": "VCID-wskj-uyt9-akab" }, { "vulnerability": "VCID-x4pj-t6q1-m7ga" }, { "vulnerability": "VCID-xb6k-1cfd-ykb9" }, { "vulnerability": "VCID-xdz6-2ckp-a3dw" }, { "vulnerability": "VCID-xk5n-nxxm-j7fr" }, { "vulnerability": "VCID-xt2w-1h6g-2qe5" }, { "vulnerability": "VCID-xt64-z2u2-kkd6" }, { "vulnerability": "VCID-xvm3-prar-bqg3" }, { "vulnerability": "VCID-y5ak-4gg9-sqaj" }, { "vulnerability": "VCID-ykwa-vws8-3kfj" }, { "vulnerability": "VCID-ync7-cxk4-byfg" }, { "vulnerability": "VCID-yp3u-58s2-wuh6" }, { "vulnerability": "VCID-ypp9-9yup-33h6" }, { "vulnerability": "VCID-yq3m-mr4f-kfgw" }, { "vulnerability": "VCID-yy39-1a1s-sqe4" }, { "vulnerability": "VCID-z7f3-8vck-t7aj" }, { "vulnerability": "VCID-zcdc-4zmj-syct" }, { "vulnerability": "VCID-zmpk-rg58-t3g6" }, { "vulnerability": "VCID-zsqp-n2df-3fcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.3.1" } ], "aliases": [ "CVE-2020-15197", "GHSA-qc53-44cj-vfvx", "PYSEC-2020-120", "PYSEC-2020-277", "PYSEC-2020-312" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-79xv-tn5e-xqgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5124?format=api", "vulnerability_id": "VCID-7avd-xuag-ybbv", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-624.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-624.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-822.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-822.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-407.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-407.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41215", "reference_id": "CVE-2021-41215", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41215" }, { "reference_url": "https://github.com/advisories/GHSA-x3v8-c8qx-3j3r", "reference_id": "GHSA-x3v8-c8qx-3j3r", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-x3v8-c8qx-3j3r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41215", "GHSA-x3v8-c8qx-3j3r", "PYSEC-2021-407", "PYSEC-2021-624", "PYSEC-2021-822" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7avd-xuag-ybbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5129?format=api", "vulnerability_id": "VCID-7gat-e8qw-e7hd", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-619.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-619.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-817.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-817.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-402.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-402.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41210", "reference_id": "CVE-2021-41210", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41210" }, { "reference_url": "https://github.com/advisories/GHSA-m342-ff57-4jcc", "reference_id": "GHSA-m342-ff57-4jcc", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-m342-ff57-4jcc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41210", "GHSA-m342-ff57-4jcc", "PYSEC-2021-402", "PYSEC-2021-619", "PYSEC-2021-817" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7gat-e8qw-e7hd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5125?format=api", "vulnerability_id": "VCID-85jp-mtkt-6kb1", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-623.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-623.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-821.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-821.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-406.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-406.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vwhq-49r4-gj9v", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vwhq-49r4-gj9v" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41214", "reference_id": "CVE-2021-41214", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41214" }, { "reference_url": "https://github.com/advisories/GHSA-vwhq-49r4-gj9v", "reference_id": "GHSA-vwhq-49r4-gj9v", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-vwhq-49r4-gj9v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41214", "GHSA-vwhq-49r4-gj9v", "PYSEC-2021-406", "PYSEC-2021-623", "PYSEC-2021-821" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-85jp-mtkt-6kb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5137?format=api", "vulnerability_id": "VCID-8bz4-tb8u-ckdy", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-612.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-612.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-810.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-810.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-395.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-395.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/1b0e0ec27e7895b9985076eab32445026ae5ca94", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/1b0e0ec27e7895b9985076eab32445026ae5ca94" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/6d94002a09711d297dbba90390d5482b76113899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/6d94002a09711d297dbba90390d5482b76113899" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46889", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/issues/46889" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/issues/46912" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xrqm-fpgr-6hhx", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xrqm-fpgr-6hhx" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41202", "reference_id": "CVE-2021-41202", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41202" }, { "reference_url": "https://github.com/advisories/GHSA-xrqm-fpgr-6hhx", "reference_id": "GHSA-xrqm-fpgr-6hhx", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-xrqm-fpgr-6hhx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41202", "GHSA-xrqm-fpgr-6hhx", "PYSEC-2021-395", "PYSEC-2021-612", "PYSEC-2021-810" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8bz4-tb8u-ckdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35637?format=api", "vulnerability_id": "VCID-9na3-g739-u7de", "summary": "In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the `splits` tensor has the minimum required number of elements. Code uses this quantity to initialize a different data structure. Since `BatchedMap` is equivalent to a vector, it needs to have at least one element to not be `nullptr`. If user passes a `splits` tensor that is empty or has exactly one element, we get a `SIGABRT` signal raised by the operating system. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.", "references": [ { "reference_url": "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02" }, { "reference_url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x5cp-9pcf-pp3h", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x5cp-9pcf-pp3h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18365?format=api", "purl": "pkg:pypi/tensorflow@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12ag-tat1-gka9" }, { "vulnerability": "VCID-16jz-8vkj-eud8" }, { "vulnerability": "VCID-16mm-ycqw-uqek" }, { "vulnerability": "VCID-18bk-11va-3bdt" }, { "vulnerability": "VCID-1966-8tnk-77gv" }, { "vulnerability": "VCID-196x-apq7-h7e7" }, { "vulnerability": "VCID-19ka-ye78-gkak" }, { "vulnerability": "VCID-1d58-76k6-gqhe" }, { "vulnerability": "VCID-1evq-xf8d-tbaj" }, { "vulnerability": "VCID-1sqz-62wf-nbd5" }, { "vulnerability": "VCID-21ec-1t3c-uffr" }, { "vulnerability": "VCID-2264-dhde-xkd2" }, { "vulnerability": "VCID-26ws-81w3-q7cz" }, { "vulnerability": "VCID-2k1k-p7zh-guew" }, { "vulnerability": "VCID-2pkc-gdjx-7bcf" }, { "vulnerability": "VCID-2qgn-e3gc-sffu" }, { "vulnerability": "VCID-2wfc-evgs-8qgy" }, { "vulnerability": "VCID-3643-715j-8qfb" }, { "vulnerability": "VCID-3d16-2aaa-vfdx" }, { "vulnerability": "VCID-3e9u-gag2-e3bn" }, { "vulnerability": "VCID-3jda-g49u-cydb" }, { "vulnerability": "VCID-4de1-psyn-7kej" }, { "vulnerability": "VCID-4fh9-ct4y-q7bh" }, { "vulnerability": "VCID-4ry9-3mje-w7db" }, { "vulnerability": "VCID-4ufg-8qpz-vkfh" }, { "vulnerability": "VCID-4ujh-25ns-ryge" }, { "vulnerability": "VCID-5781-vzmv-rkg4" }, { "vulnerability": "VCID-58yc-xxq9-b3cj" }, { "vulnerability": "VCID-59ck-jg98-hufk" }, { "vulnerability": "VCID-5j3t-baqf-dbhs" }, { "vulnerability": "VCID-5ke1-vz5z-qubj" }, { "vulnerability": "VCID-5m82-fmvp-4qd1" }, { "vulnerability": "VCID-5xmw-6dmh-myfd" }, { "vulnerability": "VCID-67ks-3hd1-8fff" }, { "vulnerability": "VCID-68ym-s45d-8bhk" }, { "vulnerability": "VCID-6j49-ccph-uqht" }, { "vulnerability": "VCID-6nby-ppgb-e3f7" }, { "vulnerability": "VCID-6nwu-16c4-zub4" }, { "vulnerability": "VCID-6wh3-uhcu-jqef" }, { "vulnerability": "VCID-6yd6-npyx-93cx" }, { "vulnerability": "VCID-72kc-wrzg-1fem" }, { "vulnerability": "VCID-73f5-1wu8-hyad" }, { "vulnerability": "VCID-77ap-cbge-vfam" }, { "vulnerability": "VCID-799s-fus4-nygx" }, { "vulnerability": "VCID-7avd-xuag-ybbv" }, { "vulnerability": "VCID-7gat-e8qw-e7hd" }, { "vulnerability": "VCID-7jh5-5t2v-tfey" }, { "vulnerability": "VCID-7mym-t3x9-1kba" }, { "vulnerability": "VCID-7uz4-aqf7-7kd6" }, { "vulnerability": "VCID-85jp-mtkt-6kb1" }, { "vulnerability": "VCID-88wb-nvj1-hff7" }, { "vulnerability": "VCID-8bz4-tb8u-ckdy" }, { "vulnerability": "VCID-8m8a-1xtu-6qe1" }, { "vulnerability": "VCID-8ura-ud9s-tubb" }, { "vulnerability": "VCID-8vds-6bfq-57gn" }, { "vulnerability": "VCID-8zuz-d9cs-kudv" }, { "vulnerability": "VCID-9923-nuxh-eked" }, { "vulnerability": "VCID-9arq-1tkc-9ygx" }, { "vulnerability": "VCID-9m2f-4p8m-yudc" }, { "vulnerability": "VCID-9ngh-ejcp-5uam" }, { "vulnerability": "VCID-9z61-fqek-cyfd" }, { "vulnerability": "VCID-a1qw-qqgu-yba7" }, { "vulnerability": "VCID-agdq-htep-yqd8" }, { "vulnerability": "VCID-at48-mrdj-a3en" }, { "vulnerability": "VCID-au3q-9qpz-pkgy" }, { "vulnerability": "VCID-awrv-vnbj-3kg6" }, { "vulnerability": "VCID-b23t-3kmy-ubea" }, { "vulnerability": "VCID-bgt5-979r-auc5" }, { "vulnerability": "VCID-bh5b-u3zt-puf9" }, { "vulnerability": "VCID-bnhj-ujmq-mqad" }, { "vulnerability": "VCID-bpf4-92yf-mbc3" }, { "vulnerability": "VCID-bqz5-ccx5-v3ga" }, { "vulnerability": "VCID-bvkn-s2tz-2fdz" }, { "vulnerability": "VCID-c3wv-ty85-nqhc" }, { "vulnerability": "VCID-c58x-wt2g-r7h4" }, { "vulnerability": "VCID-c9xx-2q93-tuau" }, { "vulnerability": "VCID-c9y5-6qrm-eud4" }, { "vulnerability": "VCID-cbgv-kvzc-gffm" }, { "vulnerability": "VCID-cejb-v628-1ffm" }, { "vulnerability": "VCID-cqub-cr1u-hfgq" }, { "vulnerability": "VCID-cswq-zynn-h7ct" }, { "vulnerability": "VCID-cw38-rqj2-wqdz" }, { "vulnerability": "VCID-cwdj-z1sm-9yhg" }, { "vulnerability": "VCID-dc34-decx-k3hh" }, { "vulnerability": "VCID-dcp4-adwb-efd7" }, { "vulnerability": "VCID-ddza-zrpb-s7bp" }, { "vulnerability": "VCID-dkd3-m81p-afga" }, { "vulnerability": "VCID-dkne-cc8g-qqfb" }, { "vulnerability": "VCID-dzps-vajm-zyc7" }, { "vulnerability": "VCID-ebhp-jwrs-97en" }, { "vulnerability": "VCID-ek6s-f4ee-pqdb" }, { "vulnerability": "VCID-ek9g-fqpc-s7a5" }, { "vulnerability": "VCID-ep2z-xrdv-tyhh" }, { "vulnerability": "VCID-ewrz-th6a-augc" }, { "vulnerability": "VCID-f1y6-1m5y-nyeb" }, { "vulnerability": "VCID-f8h7-zfxn-wbaj" }, { "vulnerability": "VCID-ff6q-r2px-skfx" }, { "vulnerability": "VCID-ffnh-y8v7-9yg7" }, { "vulnerability": "VCID-fs5e-w6u9-t3e3" }, { "vulnerability": "VCID-fsvt-37wk-3ban" }, { "vulnerability": "VCID-g3af-vhsj-sfbq" }, { "vulnerability": "VCID-gfss-uup9-vbcg" }, { "vulnerability": "VCID-gkfg-96vh-4yfh" }, { "vulnerability": "VCID-gtvx-jmfk-m3as" }, { "vulnerability": "VCID-h4v7-a4q6-vkbk" }, { "vulnerability": "VCID-h638-b3zk-wqfa" }, { "vulnerability": "VCID-hfdu-27kr-sydk" }, { "vulnerability": "VCID-hfpv-3wqv-efcc" }, { "vulnerability": "VCID-hjh6-h2qm-qqf1" }, { "vulnerability": "VCID-hqmg-s8md-nfdg" }, { "vulnerability": "VCID-hxcf-s6zm-vkf4" }, { "vulnerability": "VCID-hyby-xv7h-dfhv" }, { "vulnerability": "VCID-j5dh-pqjc-6khb" }, { "vulnerability": "VCID-jcsd-39zt-mff3" }, { "vulnerability": "VCID-jhes-k3ad-eudj" }, { "vulnerability": "VCID-jhg2-36wx-3yak" }, { "vulnerability": "VCID-jw2t-x5rp-cuak" }, { "vulnerability": "VCID-jzyy-uhc2-mygp" }, { "vulnerability": "VCID-k2gy-5yy5-1bda" }, { "vulnerability": "VCID-k3c7-w97n-abgn" }, { "vulnerability": "VCID-k5j6-8e9q-ebfh" }, { "vulnerability": "VCID-k9e7-kmzx-wqbn" }, { "vulnerability": "VCID-kh95-uhfy-4bap" }, { "vulnerability": "VCID-kq2a-p2fu-n7gc" }, { "vulnerability": "VCID-ktkb-wn56-qfdk" }, { "vulnerability": "VCID-mgmu-rmp5-j3dg" }, { "vulnerability": "VCID-msu6-6ceu-sfhp" }, { "vulnerability": "VCID-mvd2-c7j6-j3af" }, { "vulnerability": "VCID-n48p-tmcx-nbgz" }, { "vulnerability": "VCID-ngd2-qzsa-ubdv" }, { "vulnerability": "VCID-nvfv-wvym-z3dd" }, { "vulnerability": "VCID-nvj2-7te9-b7d6" }, { "vulnerability": "VCID-nvng-rhqm-rydz" }, { "vulnerability": "VCID-p2z3-j6kf-p3dd" }, { "vulnerability": "VCID-p323-2gvz-y3h8" }, { "vulnerability": "VCID-p5t8-35k8-sqfa" }, { "vulnerability": "VCID-peue-bqmn-uqfg" }, { "vulnerability": "VCID-pgwz-utzn-hkh9" }, { "vulnerability": "VCID-ps14-2s8s-u3cr" }, { "vulnerability": "VCID-q2ga-y533-jqcj" }, { "vulnerability": "VCID-q35a-hgz8-nfdr" }, { "vulnerability": "VCID-q8c5-tvhr-z3dt" }, { "vulnerability": "VCID-q9ch-e5ap-3fgb" }, { "vulnerability": "VCID-qa1r-3bun-f7e1" }, { "vulnerability": "VCID-qe3m-tepe-sqbq" }, { "vulnerability": "VCID-qg3u-d5ad-wbhh" }, { "vulnerability": "VCID-qgzx-tdkx-5fb5" }, { "vulnerability": "VCID-qmh5-jqk8-4kb1" }, { "vulnerability": "VCID-qr4x-dcdm-ryff" }, { "vulnerability": "VCID-r184-6v15-tqgm" }, { "vulnerability": "VCID-r1ps-696b-eydq" }, { "vulnerability": "VCID-r39c-4e32-efef" }, { "vulnerability": "VCID-r97s-gcmq-57bz" }, { "vulnerability": "VCID-rvbe-fjhx-k3d8" }, { "vulnerability": "VCID-rwg3-mgdg-53gu" }, { "vulnerability": "VCID-rwm5-mh67-ffak" }, { "vulnerability": "VCID-rz6u-b53k-mugy" }, { "vulnerability": "VCID-rz6x-pgk3-pkhq" }, { "vulnerability": "VCID-s11w-7r7p-g3dt" }, { "vulnerability": "VCID-s14j-5by2-wkad" }, { "vulnerability": "VCID-s1sv-bbdn-dufy" }, { "vulnerability": "VCID-s9h2-34vm-uuee" }, { "vulnerability": "VCID-tdhn-4egx-zkfk" }, { "vulnerability": "VCID-tes7-qh2s-c3fc" }, { "vulnerability": "VCID-tf8j-fa4n-2qcy" }, { "vulnerability": "VCID-tsf8-btra-gugr" }, { "vulnerability": "VCID-tu1g-gp43-yyar" }, { "vulnerability": "VCID-ty1g-525f-jkan" }, { "vulnerability": "VCID-u5k6-91yj-hygz" }, { "vulnerability": "VCID-u91f-w6ux-zkgm" }, { "vulnerability": "VCID-ucn5-x3dt-27gy" }, { "vulnerability": "VCID-udg9-wgju-gfem" }, { "vulnerability": "VCID-uqae-1yv2-fuc2" }, { "vulnerability": "VCID-urvs-ucet-y7ba" }, { "vulnerability": "VCID-uunc-4x3a-ukf3" }, { "vulnerability": "VCID-uxua-8x9x-qqd8" }, { "vulnerability": "VCID-v4z1-cx3v-jffz" }, { "vulnerability": "VCID-v6yx-yd5n-1kfy" }, { "vulnerability": "VCID-v7xq-gfna-5kfw" }, { "vulnerability": "VCID-v95c-y9at-gqd6" }, { "vulnerability": "VCID-vdrh-8w5d-dffg" }, { "vulnerability": "VCID-vpu8-vm54-jqhy" }, { "vulnerability": "VCID-vsxn-sk73-dbg5" }, { "vulnerability": "VCID-vzpd-apmu-xbe4" }, { "vulnerability": "VCID-wd74-3jrn-tqag" }, { "vulnerability": "VCID-wdpc-4xjf-pqgh" }, { "vulnerability": "VCID-wskj-uyt9-akab" }, { "vulnerability": "VCID-x4pj-t6q1-m7ga" }, { "vulnerability": "VCID-xb6k-1cfd-ykb9" }, { "vulnerability": "VCID-xdz6-2ckp-a3dw" }, { "vulnerability": "VCID-xk5n-nxxm-j7fr" }, { "vulnerability": "VCID-xt2w-1h6g-2qe5" }, { "vulnerability": "VCID-xt64-z2u2-kkd6" }, { "vulnerability": "VCID-xvm3-prar-bqg3" }, { "vulnerability": "VCID-y5ak-4gg9-sqaj" }, { "vulnerability": "VCID-ykwa-vws8-3kfj" }, { "vulnerability": "VCID-ync7-cxk4-byfg" }, { "vulnerability": "VCID-yp3u-58s2-wuh6" }, { "vulnerability": "VCID-ypp9-9yup-33h6" }, { "vulnerability": "VCID-yq3m-mr4f-kfgw" }, { "vulnerability": "VCID-yy39-1a1s-sqe4" }, { "vulnerability": "VCID-z7f3-8vck-t7aj" }, { "vulnerability": "VCID-zcdc-4zmj-syct" }, { "vulnerability": "VCID-zmpk-rg58-t3g6" }, { "vulnerability": "VCID-zsqp-n2df-3fcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.3.1" } ], "aliases": [ "CVE-2020-15199", "GHSA-x5cp-9pcf-pp3h", "PYSEC-2020-122", "PYSEC-2020-279", "PYSEC-2020-314" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9na3-g739-u7de" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5113?format=api", "vulnerability_id": "VCID-at48-mrdj-a3en", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-635.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-635.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-833.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-833.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-418.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-418.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f410212e373eb2aec4c9e60bf3702eba99a38aba", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/f410212e373eb2aec4c9e60bf3702eba99a38aba" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-374m-jm66-3vj8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-374m-jm66-3vj8" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41226", "reference_id": "CVE-2021-41226", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41226" }, { "reference_url": "https://github.com/advisories/GHSA-374m-jm66-3vj8", "reference_id": "GHSA-374m-jm66-3vj8", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-374m-jm66-3vj8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41226", "GHSA-374m-jm66-3vj8", "PYSEC-2021-418", "PYSEC-2021-635", "PYSEC-2021-833" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-at48-mrdj-a3en" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5116?format=api", "vulnerability_id": "VCID-au3q-9qpz-pkgy", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-632.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-632.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-830.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-830.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-415.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-415.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/aab9998916c2ffbd8f0592059fad352622f89cda", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/aab9998916c2ffbd8f0592059fad352622f89cda" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f54p-f6jp-4rhr", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f54p-f6jp-4rhr" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41223", "reference_id": "CVE-2021-41223", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41223" }, { "reference_url": "https://github.com/advisories/GHSA-f54p-f6jp-4rhr", "reference_id": "GHSA-f54p-f6jp-4rhr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-f54p-f6jp-4rhr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41223", "GHSA-f54p-f6jp-4rhr", "PYSEC-2021-415", "PYSEC-2021-632", "PYSEC-2021-830" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-au3q-9qpz-pkgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5130?format=api", "vulnerability_id": "VCID-bgt5-979r-auc5", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-618.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-618.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-816.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-816.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-401.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-401.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hpv-v2rx-c5g6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hpv-v2rx-c5g6" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41209", "reference_id": "CVE-2021-41209", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41209" }, { "reference_url": "https://github.com/advisories/GHSA-6hpv-v2rx-c5g6", "reference_id": "GHSA-6hpv-v2rx-c5g6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-6hpv-v2rx-c5g6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41209", "GHSA-6hpv-v2rx-c5g6", "PYSEC-2021-401", "PYSEC-2021-618", "PYSEC-2021-816" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bgt5-979r-auc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5118?format=api", "vulnerability_id": "VCID-bh5b-u3zt-puf9", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-630.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-630.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-828.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-828.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-413.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-413.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/af5fcebb37c8b5d71c237f4e59c6477015c78ce6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/af5fcebb37c8b5d71c237f4e59c6477015c78ce6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqv6-3phm-hcwx", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqv6-3phm-hcwx" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41221", "reference_id": "CVE-2021-41221", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41221" }, { "reference_url": "https://github.com/advisories/GHSA-cqv6-3phm-hcwx", "reference_id": "GHSA-cqv6-3phm-hcwx", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-cqv6-3phm-hcwx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41221", "GHSA-cqv6-3phm-hcwx", "PYSEC-2021-413", "PYSEC-2021-630", "PYSEC-2021-828" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bh5b-u3zt-puf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5122?format=api", "vulnerability_id": "VCID-cswq-zynn-h7ct", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-626.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-626.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-824.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-824.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-409.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-409.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/05cbebd3c6bb8f517a158b0155debb8df79017ff", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/05cbebd3c6bb8f517a158b0155debb8df79017ff" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5crj-c72x-m7gq", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5crj-c72x-m7gq" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41217", "reference_id": "CVE-2021-41217", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41217" }, { "reference_url": "https://github.com/advisories/GHSA-5crj-c72x-m7gq", "reference_id": "GHSA-5crj-c72x-m7gq", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5crj-c72x-m7gq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41217", "GHSA-5crj-c72x-m7gq", "PYSEC-2021-409", "PYSEC-2021-626", "PYSEC-2021-824" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cswq-zynn-h7ct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5141?format=api", "vulnerability_id": "VCID-dcp4-adwb-efd7", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-608.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-608.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-806.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-806.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-391.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-391.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/9294094df6fea79271778eb7e7ae1bad8b5ef98f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/9294094df6fea79271778eb7e7ae1bad8b5ef98f" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/issues/46911" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2p25-55c9-h58q", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2p25-55c9-h58q" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41198", "reference_id": "CVE-2021-41198", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41198" }, { "reference_url": "https://github.com/advisories/GHSA-2p25-55c9-h58q", "reference_id": "GHSA-2p25-55c9-h58q", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2p25-55c9-h58q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41198", "GHSA-2p25-55c9-h58q", "PYSEC-2021-391", "PYSEC-2021-608", "PYSEC-2021-806" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dcp4-adwb-efd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5112?format=api", "vulnerability_id": "VCID-ffnh-y8v7-9yg7", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-636.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-636.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-834.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-834.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-419.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-419.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41227", "reference_id": "CVE-2021-41227", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41227" }, { "reference_url": "https://github.com/advisories/GHSA-j8c8-67vp-6mx7", "reference_id": "GHSA-j8c8-67vp-6mx7", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-j8c8-67vp-6mx7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41227", "GHSA-j8c8-67vp-6mx7", "PYSEC-2021-419", "PYSEC-2021-636", "PYSEC-2021-834" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ffnh-y8v7-9yg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5111?format=api", "vulnerability_id": "VCID-h638-b3zk-wqfa", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-637.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-637.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-835.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-835.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-420.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-420.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3rcw-9p9x-582v", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3rcw-9p9x-582v" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41228", "reference_id": "CVE-2021-41228", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41228" }, { "reference_url": "https://github.com/advisories/GHSA-3rcw-9p9x-582v", "reference_id": "GHSA-3rcw-9p9x-582v", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-3rcw-9p9x-582v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41228", "GHSA-3rcw-9p9x-582v", "PYSEC-2021-420", "PYSEC-2021-637", "PYSEC-2021-835" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h638-b3zk-wqfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5133?format=api", "vulnerability_id": "VCID-k9e7-kmzx-wqbn", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-845.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-845.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-847.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-847.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-843.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-843.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41206", "reference_id": "CVE-2021-41206", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41206" }, { "reference_url": "https://github.com/advisories/GHSA-pgcq-h79j-2f69", "reference_id": "GHSA-pgcq-h79j-2f69", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-pgcq-h79j-2f69" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" } ], "aliases": [ "CVE-2021-41206", "GHSA-pgcq-h79j-2f69", "PYSEC-2021-843", "PYSEC-2021-845", "PYSEC-2021-847" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k9e7-kmzx-wqbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5117?format=api", "vulnerability_id": "VCID-kq2a-p2fu-n7gc", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-631.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-631.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-829.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-829.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-414.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-414.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41222", "reference_id": "CVE-2021-41222", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41222" }, { "reference_url": "https://github.com/advisories/GHSA-cpf4-wx82-gxp6", "reference_id": "GHSA-cpf4-wx82-gxp6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-cpf4-wx82-gxp6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41222", "GHSA-cpf4-wx82-gxp6", "PYSEC-2021-414", "PYSEC-2021-631", "PYSEC-2021-829" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kq2a-p2fu-n7gc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5142?format=api", "vulnerability_id": "VCID-ngd2-qzsa-ubdv", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-607.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-607.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-805.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-805.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-390.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-390.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/7c1692bd417eb4f9b33ead749a41166d6080af85", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/7c1692bd417eb4f9b33ead749a41166d6080af85" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/a871989d7b6c18cdebf2fb4f0e5c5b62fbc19edf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/a871989d7b6c18cdebf2fb4f0e5c5b62fbc19edf" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/d81b1351da3e8c884ff836b64458d94e4a157c15", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/d81b1351da3e8c884ff836b64458d94e4a157c15" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/issues/46890" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/51908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/issues/51908" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-prcg-wp5q-rv7p", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-prcg-wp5q-rv7p" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41197", "reference_id": "CVE-2021-41197", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41197" }, { "reference_url": "https://github.com/advisories/GHSA-prcg-wp5q-rv7p", "reference_id": "GHSA-prcg-wp5q-rv7p", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-prcg-wp5q-rv7p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41197", "GHSA-prcg-wp5q-rv7p", "PYSEC-2021-390", "PYSEC-2021-607", "PYSEC-2021-805" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ngd2-qzsa-ubdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5121?format=api", "vulnerability_id": "VCID-p2z3-j6kf-p3dd", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-627.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-627.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-825.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-825.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-410.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-410.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/a8ad3e5e79c75f36edb81e0ba3f3c0c5442aeddc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/a8ad3e5e79c75f36edb81e0ba3f3c0c5442aeddc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9crf-c6qr-r273", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9crf-c6qr-r273" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41218", "reference_id": "CVE-2021-41218", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41218" }, { "reference_url": "https://github.com/advisories/GHSA-9crf-c6qr-r273", "reference_id": "GHSA-9crf-c6qr-r273", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-9crf-c6qr-r273" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41218", "GHSA-9crf-c6qr-r273", "PYSEC-2021-410", "PYSEC-2021-627", "PYSEC-2021-825" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p2z3-j6kf-p3dd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5126?format=api", "vulnerability_id": "VCID-qe3m-tepe-sqbq", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-622.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-622.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-820.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-820.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-405.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-405.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41213", "reference_id": "CVE-2021-41213", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41213" }, { "reference_url": "https://github.com/advisories/GHSA-h67m-xg8f-fxcf", "reference_id": "GHSA-h67m-xg8f-fxcf", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-h67m-xg8f-fxcf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41213", "GHSA-h67m-xg8f-fxcf", "PYSEC-2021-405", "PYSEC-2021-622", "PYSEC-2021-820" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qe3m-tepe-sqbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5139?format=api", "vulnerability_id": "VCID-r184-6v15-tqgm", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-610.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-610.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-808.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-808.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-393.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-393.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/874bda09e6702cd50bac90b453b50bcc65b2769e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/874bda09e6702cd50bac90b453b50bcc65b2769e" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/issues/46909" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh8h-7j2j-qv4f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh8h-7j2j-qv4f" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41200", "reference_id": "CVE-2021-41200", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41200" }, { "reference_url": "https://github.com/advisories/GHSA-gh8h-7j2j-qv4f", "reference_id": "GHSA-gh8h-7j2j-qv4f", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-gh8h-7j2j-qv4f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41200", "GHSA-gh8h-7j2j-qv4f", "PYSEC-2021-393", "PYSEC-2021-610", "PYSEC-2021-808" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r184-6v15-tqgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35643?format=api", "vulnerability_id": "VCID-sdzd-ajns-dkh1", "summary": "In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of `dlpack.to_dlpack` can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing in a Python object instead of a tensor. The uninitialized memory address is due to a `reinterpret_cast` Since the `PyObject` is a Python object, not a TensorFlow Tensor, the cast to `EagerTensor` fails. The issue is patched in commit 22e07fb204386768e5bcbea563641ea11f96ceb8 and is released in TensorFlow versions 2.2.1, or 2.3.1.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/22e07fb204386768e5bcbea563641ea11f96ceb8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/22e07fb204386768e5bcbea563641ea11f96ceb8" }, { "reference_url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjjg-hgv6-h69v", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjjg-hgv6-h69v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18365?format=api", "purl": "pkg:pypi/tensorflow@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12ag-tat1-gka9" }, { "vulnerability": "VCID-16jz-8vkj-eud8" }, { "vulnerability": "VCID-16mm-ycqw-uqek" }, { "vulnerability": "VCID-18bk-11va-3bdt" }, { "vulnerability": "VCID-1966-8tnk-77gv" }, { "vulnerability": "VCID-196x-apq7-h7e7" }, { "vulnerability": "VCID-19ka-ye78-gkak" }, { "vulnerability": "VCID-1d58-76k6-gqhe" }, { "vulnerability": "VCID-1evq-xf8d-tbaj" }, { "vulnerability": "VCID-1sqz-62wf-nbd5" }, { "vulnerability": "VCID-21ec-1t3c-uffr" }, { "vulnerability": "VCID-2264-dhde-xkd2" }, { "vulnerability": "VCID-26ws-81w3-q7cz" }, { "vulnerability": "VCID-2k1k-p7zh-guew" }, { "vulnerability": "VCID-2pkc-gdjx-7bcf" }, { "vulnerability": "VCID-2qgn-e3gc-sffu" }, { "vulnerability": "VCID-2wfc-evgs-8qgy" }, { "vulnerability": "VCID-3643-715j-8qfb" }, { "vulnerability": "VCID-3d16-2aaa-vfdx" }, { "vulnerability": "VCID-3e9u-gag2-e3bn" }, { "vulnerability": "VCID-3jda-g49u-cydb" }, { "vulnerability": "VCID-4de1-psyn-7kej" }, { "vulnerability": "VCID-4fh9-ct4y-q7bh" }, { "vulnerability": "VCID-4ry9-3mje-w7db" }, { "vulnerability": "VCID-4ufg-8qpz-vkfh" }, { "vulnerability": "VCID-4ujh-25ns-ryge" }, { "vulnerability": "VCID-5781-vzmv-rkg4" }, { "vulnerability": "VCID-58yc-xxq9-b3cj" }, { "vulnerability": "VCID-59ck-jg98-hufk" }, { "vulnerability": "VCID-5j3t-baqf-dbhs" }, { "vulnerability": "VCID-5ke1-vz5z-qubj" }, { "vulnerability": "VCID-5m82-fmvp-4qd1" }, { "vulnerability": "VCID-5xmw-6dmh-myfd" }, { "vulnerability": "VCID-67ks-3hd1-8fff" }, { "vulnerability": "VCID-68ym-s45d-8bhk" }, { "vulnerability": "VCID-6j49-ccph-uqht" }, { "vulnerability": "VCID-6nby-ppgb-e3f7" }, { "vulnerability": "VCID-6nwu-16c4-zub4" }, { "vulnerability": "VCID-6wh3-uhcu-jqef" }, { "vulnerability": "VCID-6yd6-npyx-93cx" }, { "vulnerability": "VCID-72kc-wrzg-1fem" }, { "vulnerability": "VCID-73f5-1wu8-hyad" }, { "vulnerability": "VCID-77ap-cbge-vfam" }, { "vulnerability": "VCID-799s-fus4-nygx" }, { "vulnerability": "VCID-7avd-xuag-ybbv" }, { "vulnerability": "VCID-7gat-e8qw-e7hd" }, { "vulnerability": "VCID-7jh5-5t2v-tfey" }, { "vulnerability": "VCID-7mym-t3x9-1kba" }, { "vulnerability": "VCID-7uz4-aqf7-7kd6" }, { "vulnerability": "VCID-85jp-mtkt-6kb1" }, { "vulnerability": "VCID-88wb-nvj1-hff7" }, { "vulnerability": "VCID-8bz4-tb8u-ckdy" }, { "vulnerability": "VCID-8m8a-1xtu-6qe1" }, { "vulnerability": "VCID-8ura-ud9s-tubb" }, { "vulnerability": "VCID-8vds-6bfq-57gn" }, { "vulnerability": "VCID-8zuz-d9cs-kudv" }, { "vulnerability": "VCID-9923-nuxh-eked" }, { "vulnerability": "VCID-9arq-1tkc-9ygx" }, { "vulnerability": "VCID-9m2f-4p8m-yudc" }, { "vulnerability": "VCID-9ngh-ejcp-5uam" }, { "vulnerability": "VCID-9z61-fqek-cyfd" }, { "vulnerability": "VCID-a1qw-qqgu-yba7" }, { "vulnerability": "VCID-agdq-htep-yqd8" }, { "vulnerability": "VCID-at48-mrdj-a3en" }, { "vulnerability": "VCID-au3q-9qpz-pkgy" }, { "vulnerability": "VCID-awrv-vnbj-3kg6" }, { "vulnerability": "VCID-b23t-3kmy-ubea" }, { "vulnerability": "VCID-bgt5-979r-auc5" }, { "vulnerability": "VCID-bh5b-u3zt-puf9" }, { "vulnerability": "VCID-bnhj-ujmq-mqad" }, { "vulnerability": "VCID-bpf4-92yf-mbc3" }, { "vulnerability": "VCID-bqz5-ccx5-v3ga" }, { "vulnerability": "VCID-bvkn-s2tz-2fdz" }, { "vulnerability": "VCID-c3wv-ty85-nqhc" }, { "vulnerability": "VCID-c58x-wt2g-r7h4" }, { "vulnerability": "VCID-c9xx-2q93-tuau" }, { "vulnerability": "VCID-c9y5-6qrm-eud4" }, { "vulnerability": "VCID-cbgv-kvzc-gffm" }, { "vulnerability": "VCID-cejb-v628-1ffm" }, { "vulnerability": "VCID-cqub-cr1u-hfgq" }, { "vulnerability": "VCID-cswq-zynn-h7ct" }, { "vulnerability": "VCID-cw38-rqj2-wqdz" }, { "vulnerability": "VCID-cwdj-z1sm-9yhg" }, { "vulnerability": "VCID-dc34-decx-k3hh" }, { "vulnerability": "VCID-dcp4-adwb-efd7" }, { "vulnerability": "VCID-ddza-zrpb-s7bp" }, { "vulnerability": "VCID-dkd3-m81p-afga" }, { "vulnerability": "VCID-dkne-cc8g-qqfb" }, { "vulnerability": "VCID-dzps-vajm-zyc7" }, { "vulnerability": "VCID-ebhp-jwrs-97en" }, { "vulnerability": "VCID-ek6s-f4ee-pqdb" }, { "vulnerability": "VCID-ek9g-fqpc-s7a5" }, { "vulnerability": "VCID-ep2z-xrdv-tyhh" }, { "vulnerability": "VCID-ewrz-th6a-augc" }, { "vulnerability": "VCID-f1y6-1m5y-nyeb" }, { "vulnerability": "VCID-f8h7-zfxn-wbaj" }, { "vulnerability": "VCID-ff6q-r2px-skfx" }, { "vulnerability": "VCID-ffnh-y8v7-9yg7" }, { "vulnerability": "VCID-fs5e-w6u9-t3e3" }, { "vulnerability": "VCID-fsvt-37wk-3ban" }, { "vulnerability": "VCID-g3af-vhsj-sfbq" }, { "vulnerability": "VCID-gfss-uup9-vbcg" }, { "vulnerability": "VCID-gkfg-96vh-4yfh" }, { "vulnerability": "VCID-gtvx-jmfk-m3as" }, { "vulnerability": "VCID-h4v7-a4q6-vkbk" }, { "vulnerability": "VCID-h638-b3zk-wqfa" }, { "vulnerability": "VCID-hfdu-27kr-sydk" }, { "vulnerability": "VCID-hfpv-3wqv-efcc" }, { "vulnerability": "VCID-hjh6-h2qm-qqf1" }, { "vulnerability": "VCID-hqmg-s8md-nfdg" }, { "vulnerability": "VCID-hxcf-s6zm-vkf4" }, { "vulnerability": "VCID-hyby-xv7h-dfhv" }, { "vulnerability": "VCID-j5dh-pqjc-6khb" }, { "vulnerability": "VCID-jcsd-39zt-mff3" }, { "vulnerability": "VCID-jhes-k3ad-eudj" }, { "vulnerability": "VCID-jhg2-36wx-3yak" }, { "vulnerability": "VCID-jw2t-x5rp-cuak" }, { "vulnerability": "VCID-jzyy-uhc2-mygp" }, { "vulnerability": "VCID-k2gy-5yy5-1bda" }, { "vulnerability": "VCID-k3c7-w97n-abgn" }, { "vulnerability": "VCID-k5j6-8e9q-ebfh" }, { "vulnerability": "VCID-k9e7-kmzx-wqbn" }, { "vulnerability": "VCID-kh95-uhfy-4bap" }, { "vulnerability": "VCID-kq2a-p2fu-n7gc" }, { "vulnerability": "VCID-ktkb-wn56-qfdk" }, { "vulnerability": "VCID-mgmu-rmp5-j3dg" }, { "vulnerability": "VCID-msu6-6ceu-sfhp" }, { "vulnerability": "VCID-mvd2-c7j6-j3af" }, { "vulnerability": "VCID-n48p-tmcx-nbgz" }, { "vulnerability": "VCID-ngd2-qzsa-ubdv" }, { "vulnerability": "VCID-nvfv-wvym-z3dd" }, { "vulnerability": "VCID-nvj2-7te9-b7d6" }, { "vulnerability": "VCID-nvng-rhqm-rydz" }, { "vulnerability": "VCID-p2z3-j6kf-p3dd" }, { "vulnerability": "VCID-p323-2gvz-y3h8" }, { "vulnerability": "VCID-p5t8-35k8-sqfa" }, { "vulnerability": "VCID-peue-bqmn-uqfg" }, { "vulnerability": "VCID-pgwz-utzn-hkh9" }, { "vulnerability": "VCID-ps14-2s8s-u3cr" }, { "vulnerability": "VCID-q2ga-y533-jqcj" }, { "vulnerability": "VCID-q35a-hgz8-nfdr" }, { "vulnerability": "VCID-q8c5-tvhr-z3dt" }, { "vulnerability": "VCID-q9ch-e5ap-3fgb" }, { "vulnerability": "VCID-qa1r-3bun-f7e1" }, { "vulnerability": "VCID-qe3m-tepe-sqbq" }, { "vulnerability": "VCID-qg3u-d5ad-wbhh" }, { "vulnerability": "VCID-qgzx-tdkx-5fb5" }, { "vulnerability": "VCID-qmh5-jqk8-4kb1" }, { "vulnerability": "VCID-qr4x-dcdm-ryff" }, { "vulnerability": "VCID-r184-6v15-tqgm" }, { "vulnerability": "VCID-r1ps-696b-eydq" }, { "vulnerability": "VCID-r39c-4e32-efef" }, { "vulnerability": "VCID-r97s-gcmq-57bz" }, { "vulnerability": "VCID-rvbe-fjhx-k3d8" }, { "vulnerability": "VCID-rwg3-mgdg-53gu" }, { "vulnerability": "VCID-rwm5-mh67-ffak" }, { "vulnerability": "VCID-rz6u-b53k-mugy" }, { "vulnerability": "VCID-rz6x-pgk3-pkhq" }, { "vulnerability": "VCID-s11w-7r7p-g3dt" }, { "vulnerability": "VCID-s14j-5by2-wkad" }, { "vulnerability": "VCID-s1sv-bbdn-dufy" }, { "vulnerability": "VCID-s9h2-34vm-uuee" }, { "vulnerability": "VCID-tdhn-4egx-zkfk" }, { "vulnerability": "VCID-tes7-qh2s-c3fc" }, { "vulnerability": "VCID-tf8j-fa4n-2qcy" }, { "vulnerability": "VCID-tsf8-btra-gugr" }, { "vulnerability": "VCID-tu1g-gp43-yyar" }, { "vulnerability": "VCID-ty1g-525f-jkan" }, { "vulnerability": "VCID-u5k6-91yj-hygz" }, { "vulnerability": "VCID-u91f-w6ux-zkgm" }, { "vulnerability": "VCID-ucn5-x3dt-27gy" }, { "vulnerability": "VCID-udg9-wgju-gfem" }, { "vulnerability": "VCID-uqae-1yv2-fuc2" }, { "vulnerability": "VCID-urvs-ucet-y7ba" }, { "vulnerability": "VCID-uunc-4x3a-ukf3" }, { "vulnerability": "VCID-uxua-8x9x-qqd8" }, { "vulnerability": "VCID-v4z1-cx3v-jffz" }, { "vulnerability": "VCID-v6yx-yd5n-1kfy" }, { "vulnerability": "VCID-v7xq-gfna-5kfw" }, { "vulnerability": "VCID-v95c-y9at-gqd6" }, { "vulnerability": "VCID-vdrh-8w5d-dffg" }, { "vulnerability": "VCID-vpu8-vm54-jqhy" }, { "vulnerability": "VCID-vsxn-sk73-dbg5" }, { "vulnerability": "VCID-vzpd-apmu-xbe4" }, { "vulnerability": "VCID-wd74-3jrn-tqag" }, { "vulnerability": "VCID-wdpc-4xjf-pqgh" }, { "vulnerability": "VCID-wskj-uyt9-akab" }, { "vulnerability": "VCID-x4pj-t6q1-m7ga" }, { "vulnerability": "VCID-xb6k-1cfd-ykb9" }, { "vulnerability": "VCID-xdz6-2ckp-a3dw" }, { "vulnerability": "VCID-xk5n-nxxm-j7fr" }, { "vulnerability": "VCID-xt2w-1h6g-2qe5" }, { "vulnerability": "VCID-xt64-z2u2-kkd6" }, { "vulnerability": "VCID-xvm3-prar-bqg3" }, { "vulnerability": "VCID-y5ak-4gg9-sqaj" }, { "vulnerability": "VCID-ykwa-vws8-3kfj" }, { "vulnerability": "VCID-ync7-cxk4-byfg" }, { "vulnerability": "VCID-yp3u-58s2-wuh6" }, { "vulnerability": "VCID-ypp9-9yup-33h6" }, { "vulnerability": "VCID-yq3m-mr4f-kfgw" }, { "vulnerability": "VCID-yy39-1a1s-sqe4" }, { "vulnerability": "VCID-z7f3-8vck-t7aj" }, { "vulnerability": "VCID-zcdc-4zmj-syct" }, { "vulnerability": "VCID-zmpk-rg58-t3g6" }, { "vulnerability": "VCID-zsqp-n2df-3fcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.3.1" } ], "aliases": [ "CVE-2020-15193", "GHSA-rjjg-hgv6-h69v", "PYSEC-2020-116", "PYSEC-2020-273", "PYSEC-2020-308" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sdzd-ajns-dkh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35647?format=api", "vulnerability_id": "VCID-tdvx-q3rc-wqd4", "summary": "In Tensorflow version 2.3.0, the `SparseCountSparseOutput` and `RaggedCountSparseOutput` implementations don't validate that the `weights` tensor has the same shape as the data. The check exists for `DenseCountSparseOutput`, where both tensors are fully specified. In the sparse and ragged count weights are still accessed in parallel with the data. But, since there is no validation, a user passing fewer weights than the values for the tensors can generate a read from outside the bounds of the heap buffer allocated for the weights. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.", "references": [ { "reference_url": "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02" }, { "reference_url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pg59-2f92-5cph", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pg59-2f92-5cph" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18365?format=api", "purl": "pkg:pypi/tensorflow@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12ag-tat1-gka9" }, { "vulnerability": "VCID-16jz-8vkj-eud8" }, { "vulnerability": "VCID-16mm-ycqw-uqek" }, { "vulnerability": "VCID-18bk-11va-3bdt" }, { "vulnerability": "VCID-1966-8tnk-77gv" }, { "vulnerability": "VCID-196x-apq7-h7e7" }, { "vulnerability": "VCID-19ka-ye78-gkak" }, { "vulnerability": "VCID-1d58-76k6-gqhe" }, { "vulnerability": "VCID-1evq-xf8d-tbaj" }, { "vulnerability": "VCID-1sqz-62wf-nbd5" }, { "vulnerability": "VCID-21ec-1t3c-uffr" }, { "vulnerability": "VCID-2264-dhde-xkd2" }, { "vulnerability": "VCID-26ws-81w3-q7cz" }, { "vulnerability": "VCID-2k1k-p7zh-guew" }, { "vulnerability": "VCID-2pkc-gdjx-7bcf" }, { "vulnerability": "VCID-2qgn-e3gc-sffu" }, { "vulnerability": "VCID-2wfc-evgs-8qgy" }, { "vulnerability": "VCID-3643-715j-8qfb" }, { "vulnerability": "VCID-3d16-2aaa-vfdx" }, { "vulnerability": "VCID-3e9u-gag2-e3bn" }, { "vulnerability": "VCID-3jda-g49u-cydb" }, { "vulnerability": "VCID-4de1-psyn-7kej" }, { "vulnerability": "VCID-4fh9-ct4y-q7bh" }, { "vulnerability": "VCID-4ry9-3mje-w7db" }, { "vulnerability": "VCID-4ufg-8qpz-vkfh" }, { "vulnerability": "VCID-4ujh-25ns-ryge" }, { "vulnerability": "VCID-5781-vzmv-rkg4" }, { "vulnerability": "VCID-58yc-xxq9-b3cj" }, { "vulnerability": "VCID-59ck-jg98-hufk" }, { "vulnerability": "VCID-5j3t-baqf-dbhs" }, { "vulnerability": "VCID-5ke1-vz5z-qubj" }, { "vulnerability": "VCID-5m82-fmvp-4qd1" }, { "vulnerability": "VCID-5xmw-6dmh-myfd" }, { "vulnerability": "VCID-67ks-3hd1-8fff" }, { "vulnerability": "VCID-68ym-s45d-8bhk" }, { "vulnerability": "VCID-6j49-ccph-uqht" }, { "vulnerability": "VCID-6nby-ppgb-e3f7" }, { "vulnerability": "VCID-6nwu-16c4-zub4" }, { "vulnerability": "VCID-6wh3-uhcu-jqef" }, { "vulnerability": "VCID-6yd6-npyx-93cx" }, { "vulnerability": "VCID-72kc-wrzg-1fem" }, { "vulnerability": "VCID-73f5-1wu8-hyad" }, { "vulnerability": "VCID-77ap-cbge-vfam" }, { "vulnerability": "VCID-799s-fus4-nygx" }, { "vulnerability": "VCID-7avd-xuag-ybbv" }, { "vulnerability": "VCID-7gat-e8qw-e7hd" }, { "vulnerability": "VCID-7jh5-5t2v-tfey" }, { "vulnerability": "VCID-7mym-t3x9-1kba" }, { "vulnerability": "VCID-7uz4-aqf7-7kd6" }, { "vulnerability": "VCID-85jp-mtkt-6kb1" }, { "vulnerability": "VCID-88wb-nvj1-hff7" }, { "vulnerability": "VCID-8bz4-tb8u-ckdy" }, { "vulnerability": "VCID-8m8a-1xtu-6qe1" }, { "vulnerability": "VCID-8ura-ud9s-tubb" }, { "vulnerability": "VCID-8vds-6bfq-57gn" }, { "vulnerability": "VCID-8zuz-d9cs-kudv" }, { "vulnerability": "VCID-9923-nuxh-eked" }, { "vulnerability": "VCID-9arq-1tkc-9ygx" }, { "vulnerability": "VCID-9m2f-4p8m-yudc" }, { "vulnerability": "VCID-9ngh-ejcp-5uam" }, { "vulnerability": "VCID-9z61-fqek-cyfd" }, { "vulnerability": "VCID-a1qw-qqgu-yba7" }, { "vulnerability": "VCID-agdq-htep-yqd8" }, { "vulnerability": "VCID-at48-mrdj-a3en" }, { "vulnerability": "VCID-au3q-9qpz-pkgy" }, { "vulnerability": "VCID-awrv-vnbj-3kg6" }, { "vulnerability": "VCID-b23t-3kmy-ubea" }, { "vulnerability": "VCID-bgt5-979r-auc5" }, { "vulnerability": "VCID-bh5b-u3zt-puf9" }, { "vulnerability": "VCID-bnhj-ujmq-mqad" }, { "vulnerability": "VCID-bpf4-92yf-mbc3" }, { "vulnerability": "VCID-bqz5-ccx5-v3ga" }, { "vulnerability": "VCID-bvkn-s2tz-2fdz" }, { "vulnerability": "VCID-c3wv-ty85-nqhc" }, { "vulnerability": "VCID-c58x-wt2g-r7h4" }, { "vulnerability": "VCID-c9xx-2q93-tuau" }, { "vulnerability": "VCID-c9y5-6qrm-eud4" }, { "vulnerability": "VCID-cbgv-kvzc-gffm" }, { "vulnerability": "VCID-cejb-v628-1ffm" }, { "vulnerability": "VCID-cqub-cr1u-hfgq" }, { "vulnerability": "VCID-cswq-zynn-h7ct" }, { "vulnerability": "VCID-cw38-rqj2-wqdz" }, { "vulnerability": "VCID-cwdj-z1sm-9yhg" }, { "vulnerability": "VCID-dc34-decx-k3hh" }, { "vulnerability": "VCID-dcp4-adwb-efd7" }, { "vulnerability": "VCID-ddza-zrpb-s7bp" }, { "vulnerability": "VCID-dkd3-m81p-afga" }, { "vulnerability": "VCID-dkne-cc8g-qqfb" }, { "vulnerability": "VCID-dzps-vajm-zyc7" }, { "vulnerability": "VCID-ebhp-jwrs-97en" }, { "vulnerability": "VCID-ek6s-f4ee-pqdb" }, { "vulnerability": "VCID-ek9g-fqpc-s7a5" }, { "vulnerability": "VCID-ep2z-xrdv-tyhh" }, { "vulnerability": "VCID-ewrz-th6a-augc" }, { "vulnerability": "VCID-f1y6-1m5y-nyeb" }, { "vulnerability": "VCID-f8h7-zfxn-wbaj" }, { "vulnerability": "VCID-ff6q-r2px-skfx" }, { "vulnerability": "VCID-ffnh-y8v7-9yg7" }, { "vulnerability": "VCID-fs5e-w6u9-t3e3" }, { "vulnerability": "VCID-fsvt-37wk-3ban" }, { "vulnerability": "VCID-g3af-vhsj-sfbq" }, { "vulnerability": "VCID-gfss-uup9-vbcg" }, { "vulnerability": "VCID-gkfg-96vh-4yfh" }, { "vulnerability": "VCID-gtvx-jmfk-m3as" }, { "vulnerability": "VCID-h4v7-a4q6-vkbk" }, { "vulnerability": "VCID-h638-b3zk-wqfa" }, { "vulnerability": "VCID-hfdu-27kr-sydk" }, { "vulnerability": "VCID-hfpv-3wqv-efcc" }, { "vulnerability": "VCID-hjh6-h2qm-qqf1" }, { "vulnerability": "VCID-hqmg-s8md-nfdg" }, { "vulnerability": "VCID-hxcf-s6zm-vkf4" }, { "vulnerability": "VCID-hyby-xv7h-dfhv" }, { "vulnerability": "VCID-j5dh-pqjc-6khb" }, { "vulnerability": "VCID-jcsd-39zt-mff3" }, { "vulnerability": "VCID-jhes-k3ad-eudj" }, { "vulnerability": "VCID-jhg2-36wx-3yak" }, { "vulnerability": "VCID-jw2t-x5rp-cuak" }, { "vulnerability": "VCID-jzyy-uhc2-mygp" }, { "vulnerability": "VCID-k2gy-5yy5-1bda" }, { "vulnerability": "VCID-k3c7-w97n-abgn" }, { "vulnerability": "VCID-k5j6-8e9q-ebfh" }, { "vulnerability": "VCID-k9e7-kmzx-wqbn" }, { "vulnerability": "VCID-kh95-uhfy-4bap" }, { "vulnerability": "VCID-kq2a-p2fu-n7gc" }, { "vulnerability": "VCID-ktkb-wn56-qfdk" }, { "vulnerability": "VCID-mgmu-rmp5-j3dg" }, { "vulnerability": "VCID-msu6-6ceu-sfhp" }, { "vulnerability": "VCID-mvd2-c7j6-j3af" }, { "vulnerability": "VCID-n48p-tmcx-nbgz" }, { "vulnerability": "VCID-ngd2-qzsa-ubdv" }, { "vulnerability": "VCID-nvfv-wvym-z3dd" }, { "vulnerability": "VCID-nvj2-7te9-b7d6" }, { "vulnerability": "VCID-nvng-rhqm-rydz" }, { "vulnerability": "VCID-p2z3-j6kf-p3dd" }, { "vulnerability": "VCID-p323-2gvz-y3h8" }, { "vulnerability": "VCID-p5t8-35k8-sqfa" }, { "vulnerability": "VCID-peue-bqmn-uqfg" }, { "vulnerability": "VCID-pgwz-utzn-hkh9" }, { "vulnerability": "VCID-ps14-2s8s-u3cr" }, { "vulnerability": "VCID-q2ga-y533-jqcj" }, { "vulnerability": "VCID-q35a-hgz8-nfdr" }, { "vulnerability": "VCID-q8c5-tvhr-z3dt" }, { "vulnerability": "VCID-q9ch-e5ap-3fgb" }, { "vulnerability": "VCID-qa1r-3bun-f7e1" }, { "vulnerability": "VCID-qe3m-tepe-sqbq" }, { "vulnerability": "VCID-qg3u-d5ad-wbhh" }, { "vulnerability": "VCID-qgzx-tdkx-5fb5" }, { "vulnerability": "VCID-qmh5-jqk8-4kb1" }, { "vulnerability": "VCID-qr4x-dcdm-ryff" }, { "vulnerability": "VCID-r184-6v15-tqgm" }, { "vulnerability": "VCID-r1ps-696b-eydq" }, { "vulnerability": "VCID-r39c-4e32-efef" }, { "vulnerability": "VCID-r97s-gcmq-57bz" }, { "vulnerability": "VCID-rvbe-fjhx-k3d8" }, { "vulnerability": "VCID-rwg3-mgdg-53gu" }, { "vulnerability": "VCID-rwm5-mh67-ffak" }, { "vulnerability": "VCID-rz6u-b53k-mugy" }, { "vulnerability": "VCID-rz6x-pgk3-pkhq" }, { "vulnerability": "VCID-s11w-7r7p-g3dt" }, { "vulnerability": "VCID-s14j-5by2-wkad" }, { "vulnerability": "VCID-s1sv-bbdn-dufy" }, { "vulnerability": "VCID-s9h2-34vm-uuee" }, { "vulnerability": "VCID-tdhn-4egx-zkfk" }, { "vulnerability": "VCID-tes7-qh2s-c3fc" }, { "vulnerability": "VCID-tf8j-fa4n-2qcy" }, { "vulnerability": "VCID-tsf8-btra-gugr" }, { "vulnerability": "VCID-tu1g-gp43-yyar" }, { "vulnerability": "VCID-ty1g-525f-jkan" }, { "vulnerability": "VCID-u5k6-91yj-hygz" }, { "vulnerability": "VCID-u91f-w6ux-zkgm" }, { "vulnerability": "VCID-ucn5-x3dt-27gy" }, { "vulnerability": "VCID-udg9-wgju-gfem" }, { "vulnerability": "VCID-uqae-1yv2-fuc2" }, { "vulnerability": "VCID-urvs-ucet-y7ba" }, { "vulnerability": "VCID-uunc-4x3a-ukf3" }, { "vulnerability": "VCID-uxua-8x9x-qqd8" }, { "vulnerability": "VCID-v4z1-cx3v-jffz" }, { "vulnerability": "VCID-v6yx-yd5n-1kfy" }, { "vulnerability": "VCID-v7xq-gfna-5kfw" }, { "vulnerability": "VCID-v95c-y9at-gqd6" }, { "vulnerability": "VCID-vdrh-8w5d-dffg" }, { "vulnerability": "VCID-vpu8-vm54-jqhy" }, { "vulnerability": "VCID-vsxn-sk73-dbg5" }, { "vulnerability": "VCID-vzpd-apmu-xbe4" }, { "vulnerability": "VCID-wd74-3jrn-tqag" }, { "vulnerability": "VCID-wdpc-4xjf-pqgh" }, { "vulnerability": "VCID-wskj-uyt9-akab" }, { "vulnerability": "VCID-x4pj-t6q1-m7ga" }, { "vulnerability": "VCID-xb6k-1cfd-ykb9" }, { "vulnerability": "VCID-xdz6-2ckp-a3dw" }, { "vulnerability": "VCID-xk5n-nxxm-j7fr" }, { "vulnerability": "VCID-xt2w-1h6g-2qe5" }, { "vulnerability": "VCID-xt64-z2u2-kkd6" }, { "vulnerability": "VCID-xvm3-prar-bqg3" }, { "vulnerability": "VCID-y5ak-4gg9-sqaj" }, { "vulnerability": "VCID-ykwa-vws8-3kfj" }, { "vulnerability": "VCID-ync7-cxk4-byfg" }, { "vulnerability": "VCID-yp3u-58s2-wuh6" }, { "vulnerability": "VCID-ypp9-9yup-33h6" }, { "vulnerability": "VCID-yq3m-mr4f-kfgw" }, { "vulnerability": "VCID-yy39-1a1s-sqe4" }, { "vulnerability": "VCID-z7f3-8vck-t7aj" }, { "vulnerability": "VCID-zcdc-4zmj-syct" }, { "vulnerability": "VCID-zmpk-rg58-t3g6" }, { "vulnerability": "VCID-zsqp-n2df-3fcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.3.1" } ], "aliases": [ "CVE-2020-15196", "GHSA-pg59-2f92-5cph", "PYSEC-2020-119", "PYSEC-2020-276", "PYSEC-2020-311" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tdvx-q3rc-wqd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5115?format=api", "vulnerability_id": "VCID-tf8j-fa4n-2qcy", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-633.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-633.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-831.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-831.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-416.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-416.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/67bfd9feeecfb3c61d80f0e46d89c170fbee682b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/67bfd9feeecfb3c61d80f0e46d89c170fbee682b" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rg3m-hqc5-344v", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rg3m-hqc5-344v" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41224", "reference_id": "CVE-2021-41224", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41224" }, { "reference_url": "https://github.com/advisories/GHSA-rg3m-hqc5-344v", "reference_id": "GHSA-rg3m-hqc5-344v", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rg3m-hqc5-344v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41224", "GHSA-rg3m-hqc5-344v", "PYSEC-2021-416", "PYSEC-2021-633", "PYSEC-2021-831" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tf8j-fa4n-2qcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5123?format=api", "vulnerability_id": "VCID-ty1g-525f-jkan", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-625.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-625.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-823.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-823.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-408.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-408.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/ops/array_ops.cc#L121-L185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/ops/array_ops.cc#L121-L185" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/c79ba87153ee343401dbe9d1954d7f79e521eb14", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/c79ba87153ee343401dbe9d1954d7f79e521eb14" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3ff2-r28g-w7h9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3ff2-r28g-w7h9" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41216", "reference_id": "CVE-2021-41216", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41216" }, { "reference_url": "https://github.com/advisories/GHSA-3ff2-r28g-w7h9", "reference_id": "GHSA-3ff2-r28g-w7h9", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-3ff2-r28g-w7h9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41216", "GHSA-3ff2-r28g-w7h9", "PYSEC-2021-408", "PYSEC-2021-625", "PYSEC-2021-823" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ty1g-525f-jkan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5120?format=api", "vulnerability_id": "VCID-uqae-1yv2-fuc2", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-628.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-628.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-826.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-826.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-411.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-411.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e6cf28c72ba2eb949ca950d834dd6d66bb01cfae", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/e6cf28c72ba2eb949ca950d834dd6d66bb01cfae" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4f99-p9c2-3j8x", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4f99-p9c2-3j8x" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41219", "reference_id": "CVE-2021-41219", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41219" }, { "reference_url": "https://github.com/advisories/GHSA-4f99-p9c2-3j8x", "reference_id": "GHSA-4f99-p9c2-3j8x", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4f99-p9c2-3j8x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41219", "GHSA-4f99-p9c2-3j8x", "PYSEC-2021-411", "PYSEC-2021-628", "PYSEC-2021-826" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uqae-1yv2-fuc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5135?format=api", "vulnerability_id": "VCID-v7xq-gfna-5kfw", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-614.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-614.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-812.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-812.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-397.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-397.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/7731e8dfbe4a56773be5dc94d631611211156659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/7731e8dfbe4a56773be5dc94d631611211156659" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-786j-5qwq-r36x", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-786j-5qwq-r36x" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41204", "reference_id": "CVE-2021-41204", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41204" }, { "reference_url": "https://github.com/advisories/GHSA-786j-5qwq-r36x", "reference_id": "GHSA-786j-5qwq-r36x", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-786j-5qwq-r36x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41204", "GHSA-786j-5qwq-r36x", "PYSEC-2021-397", "PYSEC-2021-614", "PYSEC-2021-812" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v7xq-gfna-5kfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5134?format=api", "vulnerability_id": "VCID-vsxn-sk73-dbg5", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-615.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-615.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-813.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-813.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-398.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-398.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rx-x2rw-pc6f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rx-x2rw-pc6f" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41205", "reference_id": "CVE-2021-41205", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41205" }, { "reference_url": "https://github.com/advisories/GHSA-49rx-x2rw-pc6f", "reference_id": "GHSA-49rx-x2rw-pc6f", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-49rx-x2rw-pc6f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41205", "GHSA-49rx-x2rw-pc6f", "PYSEC-2021-398", "PYSEC-2021-615", "PYSEC-2021-813" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vsxn-sk73-dbg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5136?format=api", "vulnerability_id": "VCID-wdpc-4xjf-pqgh", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-613.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-613.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-811.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-811.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-396.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-396.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/368af875869a204b4ac552b9ddda59f6a46a56ec", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/368af875869a204b4ac552b9ddda59f6a46a56ec" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/abcced051cb1bd8fb05046ac3b6023a7ebcc4578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/abcced051cb1bd8fb05046ac3b6023a7ebcc4578" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/b619c6f865715ca3b15ef1842b5b95edbaa710ad", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/b619c6f865715ca3b15ef1842b5b95edbaa710ad" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e8dc63704c88007ee4713076605c90188d66f3d2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/e8dc63704c88007ee4713076605c90188d66f3d2" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41203", "reference_id": "CVE-2021-41203", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41203" }, { "reference_url": "https://github.com/advisories/GHSA-7pxj-m4jf-r6h2", "reference_id": "GHSA-7pxj-m4jf-r6h2", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7pxj-m4jf-r6h2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41203", "GHSA-7pxj-m4jf-r6h2", "PYSEC-2021-396", "PYSEC-2021-613", "PYSEC-2021-811" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wdpc-4xjf-pqgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5140?format=api", "vulnerability_id": "VCID-wskj-uyt9-akab", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-609.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-609.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-807.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-807.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-392.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-392.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e5272d4204ff5b46136a1ef1204fc00597e21837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/e5272d4204ff5b46136a1ef1204fc00597e21837" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/issues/46914" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hx2-qx8j-qjqm", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hx2-qx8j-qjqm" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41199", "reference_id": "CVE-2021-41199", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41199" }, { "reference_url": "https://github.com/advisories/GHSA-5hx2-qx8j-qjqm", "reference_id": "GHSA-5hx2-qx8j-qjqm", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5hx2-qx8j-qjqm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41199", "GHSA-5hx2-qx8j-qjqm", "PYSEC-2021-392", "PYSEC-2021-609", "PYSEC-2021-807" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wskj-uyt9-akab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5127?format=api", "vulnerability_id": "VCID-xdz6-2ckp-a3dw", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-621.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-621.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-819.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-819.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-404.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-404.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41212", "reference_id": "CVE-2021-41212", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41212" }, { "reference_url": "https://github.com/advisories/GHSA-fr77-rrx3-cp7g", "reference_id": "GHSA-fr77-rrx3-cp7g", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fr77-rrx3-cp7g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41212", "GHSA-fr77-rrx3-cp7g", "PYSEC-2021-404", "PYSEC-2021-621", "PYSEC-2021-819" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xdz6-2ckp-a3dw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5131?format=api", "vulnerability_id": "VCID-y5ak-4gg9-sqaj", "summary": "multiple issues", "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-617.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-617.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-815.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-815.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-400.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-400.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/5c8c9a8bfe750f9743d0c859bae112060b216f5c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/5c8c9a8bfe750f9743d0c859bae112060b216f5c" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41208", "reference_id": "CVE-2021-41208", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41208" }, { "reference_url": "https://github.com/advisories/GHSA-57wx-m983-2f88", "reference_id": "GHSA-57wx-m983-2f88", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-57wx-m983-2f88" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24867?format=api", "purl": "pkg:pypi/tensorflow@2.4.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/24868?format=api", "purl": "pkg:pypi/tensorflow@2.5.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24869?format=api", "purl": "pkg:pypi/tensorflow@2.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/24870?format=api", "purl": "pkg:pypi/tensorflow@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-217a-71wn-nybg" }, { "vulnerability": "VCID-2hj4-bbfq-xqfj" }, { "vulnerability": "VCID-2sak-438s-bbg8" }, { "vulnerability": "VCID-2t7w-zpd8-suc9" }, { "vulnerability": "VCID-34je-dsqs-2qeh" }, { "vulnerability": "VCID-3nws-uqh8-wydf" }, { "vulnerability": "VCID-3y5w-424q-8qcn" }, { "vulnerability": "VCID-4n1w-zfpr-dugh" }, { "vulnerability": "VCID-56kw-66kj-1kb7" }, { "vulnerability": "VCID-65fu-yg2h-zycr" }, { "vulnerability": "VCID-6bgf-h7cu-27ec" }, { "vulnerability": "VCID-6jvw-p6me-mke6" }, { "vulnerability": "VCID-6nfa-78eb-jffv" }, { "vulnerability": "VCID-6set-8e9p-nyeu" }, { "vulnerability": "VCID-6xhv-euz8-zkc8" }, { "vulnerability": "VCID-76t8-h98v-buhf" }, { "vulnerability": "VCID-7jup-pyyw-c3eg" }, { "vulnerability": "VCID-7rgb-m55r-4yhr" }, { "vulnerability": "VCID-7z58-8eek-3fg2" }, { "vulnerability": "VCID-87r3-u8t5-m7d2" }, { "vulnerability": "VCID-8b1b-hevb-cqht" }, { "vulnerability": "VCID-af9s-d9qq-tuh7" }, { "vulnerability": "VCID-bmvq-fjkr-2fc3" }, { "vulnerability": "VCID-bvuf-q5tx-x3ec" }, { "vulnerability": "VCID-c5wa-uqe8-yqh1" }, { "vulnerability": "VCID-d3qq-2w3d-dqe8" }, { "vulnerability": "VCID-e73t-pxc6-k7f3" }, { "vulnerability": "VCID-f9a1-y3bw-tkbh" }, { "vulnerability": "VCID-g3tv-ra2y-hqdn" }, { "vulnerability": "VCID-g7mk-ddes-8fa8" }, { "vulnerability": "VCID-jgpf-xs7n-sbcn" }, { "vulnerability": "VCID-jhq5-zhxm-a3ef" }, { "vulnerability": "VCID-jpzs-vcck-6kce" }, { "vulnerability": "VCID-me54-9e62-qfdt" }, { "vulnerability": "VCID-mgvb-rccx-ffbz" }, { "vulnerability": "VCID-mka4-sg7r-v3am" }, { "vulnerability": "VCID-n8yf-dh79-83gt" }, { "vulnerability": "VCID-nu75-chwt-fkdp" }, { "vulnerability": "VCID-psey-gff8-nyg8" }, { "vulnerability": "VCID-pve4-4466-tqah" }, { "vulnerability": "VCID-rapw-1955-2ydq" }, { "vulnerability": "VCID-rgat-jz7g-5qgd" }, { "vulnerability": "VCID-rz3q-tnf3-mygj" }, { "vulnerability": "VCID-sb76-qn7q-2ben" }, { "vulnerability": "VCID-sney-upy2-cub5" }, { "vulnerability": "VCID-t3m9-6h7k-9uax" }, { "vulnerability": "VCID-tdw3-fns6-6baz" }, { "vulnerability": "VCID-u197-te8d-jydm" }, { "vulnerability": "VCID-vfkq-sva3-nybz" }, { "vulnerability": "VCID-w1s8-6nq3-4bgp" }, { "vulnerability": "VCID-xftt-xdnj-fuhd" }, { "vulnerability": "VCID-yv3z-fhhz-9fa4" }, { "vulnerability": "VCID-z8wr-n2z5-pffq" }, { "vulnerability": "VCID-zfuy-5852-fug5" }, { "vulnerability": "VCID-zj5j-12r4-4bhp" }, { "vulnerability": "VCID-zztr-pqqn-w7fd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.7.0" } ], "aliases": [ "CVE-2021-41208", "GHSA-57wx-m983-2f88", "PYSEC-2021-400", "PYSEC-2021-617", "PYSEC-2021-815" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y5ak-4gg9-sqaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35634?format=api", "vulnerability_id": "VCID-y634-q7n4-jbhu", "summary": "In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the `indices` tensor has the same shape as the `values` one. The values in these tensors are always accessed in parallel. Thus, a shape mismatch can result in accesses outside the bounds of heap allocated buffers. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.", "references": [ { "reference_url": "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02" }, { "reference_url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jc87-6vpp-7ff3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jc87-6vpp-7ff3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18365?format=api", "purl": "pkg:pypi/tensorflow@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12ag-tat1-gka9" }, { "vulnerability": "VCID-16jz-8vkj-eud8" }, { "vulnerability": "VCID-16mm-ycqw-uqek" }, { "vulnerability": "VCID-18bk-11va-3bdt" }, { "vulnerability": "VCID-1966-8tnk-77gv" }, { "vulnerability": "VCID-196x-apq7-h7e7" }, { "vulnerability": "VCID-19ka-ye78-gkak" }, { "vulnerability": "VCID-1d58-76k6-gqhe" }, { "vulnerability": "VCID-1evq-xf8d-tbaj" }, { "vulnerability": "VCID-1sqz-62wf-nbd5" }, { "vulnerability": "VCID-21ec-1t3c-uffr" }, { "vulnerability": "VCID-2264-dhde-xkd2" }, { "vulnerability": "VCID-26ws-81w3-q7cz" }, { "vulnerability": "VCID-2k1k-p7zh-guew" }, { "vulnerability": "VCID-2pkc-gdjx-7bcf" }, { "vulnerability": "VCID-2qgn-e3gc-sffu" }, { "vulnerability": "VCID-2wfc-evgs-8qgy" }, { "vulnerability": "VCID-3643-715j-8qfb" }, { "vulnerability": "VCID-3d16-2aaa-vfdx" }, { "vulnerability": "VCID-3e9u-gag2-e3bn" }, { "vulnerability": "VCID-3jda-g49u-cydb" }, { "vulnerability": "VCID-4de1-psyn-7kej" }, { "vulnerability": "VCID-4fh9-ct4y-q7bh" }, { "vulnerability": "VCID-4ry9-3mje-w7db" }, { "vulnerability": "VCID-4ufg-8qpz-vkfh" }, { "vulnerability": "VCID-4ujh-25ns-ryge" }, { "vulnerability": "VCID-5781-vzmv-rkg4" }, { "vulnerability": "VCID-58yc-xxq9-b3cj" }, { "vulnerability": "VCID-59ck-jg98-hufk" }, { "vulnerability": "VCID-5j3t-baqf-dbhs" }, { "vulnerability": "VCID-5ke1-vz5z-qubj" }, { "vulnerability": "VCID-5m82-fmvp-4qd1" }, { "vulnerability": "VCID-5xmw-6dmh-myfd" }, { "vulnerability": "VCID-67ks-3hd1-8fff" }, { "vulnerability": "VCID-68ym-s45d-8bhk" }, { "vulnerability": "VCID-6j49-ccph-uqht" }, { "vulnerability": "VCID-6nby-ppgb-e3f7" }, { "vulnerability": "VCID-6nwu-16c4-zub4" }, { "vulnerability": "VCID-6wh3-uhcu-jqef" }, { "vulnerability": "VCID-6yd6-npyx-93cx" }, { "vulnerability": "VCID-72kc-wrzg-1fem" }, { "vulnerability": "VCID-73f5-1wu8-hyad" }, { "vulnerability": "VCID-77ap-cbge-vfam" }, { "vulnerability": "VCID-799s-fus4-nygx" }, { "vulnerability": "VCID-7avd-xuag-ybbv" }, { "vulnerability": "VCID-7gat-e8qw-e7hd" }, { "vulnerability": "VCID-7jh5-5t2v-tfey" }, { "vulnerability": "VCID-7mym-t3x9-1kba" }, { "vulnerability": "VCID-7uz4-aqf7-7kd6" }, { "vulnerability": "VCID-85jp-mtkt-6kb1" }, { "vulnerability": "VCID-88wb-nvj1-hff7" }, { "vulnerability": "VCID-8bz4-tb8u-ckdy" }, { "vulnerability": "VCID-8m8a-1xtu-6qe1" }, { "vulnerability": "VCID-8ura-ud9s-tubb" }, { "vulnerability": "VCID-8vds-6bfq-57gn" }, { "vulnerability": "VCID-8zuz-d9cs-kudv" }, { "vulnerability": "VCID-9923-nuxh-eked" }, { "vulnerability": "VCID-9arq-1tkc-9ygx" }, { "vulnerability": "VCID-9m2f-4p8m-yudc" }, { "vulnerability": "VCID-9ngh-ejcp-5uam" }, { "vulnerability": "VCID-9z61-fqek-cyfd" }, { "vulnerability": "VCID-a1qw-qqgu-yba7" }, { "vulnerability": "VCID-agdq-htep-yqd8" }, { "vulnerability": "VCID-at48-mrdj-a3en" }, { "vulnerability": "VCID-au3q-9qpz-pkgy" }, { "vulnerability": "VCID-awrv-vnbj-3kg6" }, { "vulnerability": "VCID-b23t-3kmy-ubea" }, { "vulnerability": "VCID-bgt5-979r-auc5" }, { "vulnerability": "VCID-bh5b-u3zt-puf9" }, { "vulnerability": "VCID-bnhj-ujmq-mqad" }, { "vulnerability": "VCID-bpf4-92yf-mbc3" }, { "vulnerability": "VCID-bqz5-ccx5-v3ga" }, { "vulnerability": "VCID-bvkn-s2tz-2fdz" }, { "vulnerability": "VCID-c3wv-ty85-nqhc" }, { "vulnerability": "VCID-c58x-wt2g-r7h4" }, { "vulnerability": "VCID-c9xx-2q93-tuau" }, { "vulnerability": "VCID-c9y5-6qrm-eud4" }, { "vulnerability": "VCID-cbgv-kvzc-gffm" }, { "vulnerability": "VCID-cejb-v628-1ffm" }, { "vulnerability": "VCID-cqub-cr1u-hfgq" }, { "vulnerability": "VCID-cswq-zynn-h7ct" }, { "vulnerability": "VCID-cw38-rqj2-wqdz" }, { "vulnerability": "VCID-cwdj-z1sm-9yhg" }, { "vulnerability": "VCID-dc34-decx-k3hh" }, { "vulnerability": "VCID-dcp4-adwb-efd7" }, { "vulnerability": "VCID-ddza-zrpb-s7bp" }, { "vulnerability": "VCID-dkd3-m81p-afga" }, { "vulnerability": "VCID-dkne-cc8g-qqfb" }, { "vulnerability": "VCID-dzps-vajm-zyc7" }, { "vulnerability": "VCID-ebhp-jwrs-97en" }, { "vulnerability": "VCID-ek6s-f4ee-pqdb" }, { "vulnerability": "VCID-ek9g-fqpc-s7a5" }, { "vulnerability": "VCID-ep2z-xrdv-tyhh" }, { "vulnerability": "VCID-ewrz-th6a-augc" }, { "vulnerability": "VCID-f1y6-1m5y-nyeb" }, { "vulnerability": "VCID-f8h7-zfxn-wbaj" }, { "vulnerability": "VCID-ff6q-r2px-skfx" }, { "vulnerability": "VCID-ffnh-y8v7-9yg7" }, { "vulnerability": "VCID-fs5e-w6u9-t3e3" }, { "vulnerability": "VCID-fsvt-37wk-3ban" }, { "vulnerability": "VCID-g3af-vhsj-sfbq" }, { "vulnerability": "VCID-gfss-uup9-vbcg" }, { "vulnerability": "VCID-gkfg-96vh-4yfh" }, { "vulnerability": "VCID-gtvx-jmfk-m3as" }, { "vulnerability": "VCID-h4v7-a4q6-vkbk" }, { "vulnerability": "VCID-h638-b3zk-wqfa" }, { "vulnerability": "VCID-hfdu-27kr-sydk" }, { "vulnerability": "VCID-hfpv-3wqv-efcc" }, { "vulnerability": "VCID-hjh6-h2qm-qqf1" }, { "vulnerability": "VCID-hqmg-s8md-nfdg" }, { "vulnerability": "VCID-hxcf-s6zm-vkf4" }, { "vulnerability": "VCID-hyby-xv7h-dfhv" }, { "vulnerability": "VCID-j5dh-pqjc-6khb" }, { "vulnerability": "VCID-jcsd-39zt-mff3" }, { "vulnerability": "VCID-jhes-k3ad-eudj" }, { "vulnerability": "VCID-jhg2-36wx-3yak" }, { "vulnerability": "VCID-jw2t-x5rp-cuak" }, { "vulnerability": "VCID-jzyy-uhc2-mygp" }, { "vulnerability": "VCID-k2gy-5yy5-1bda" }, { "vulnerability": "VCID-k3c7-w97n-abgn" }, { "vulnerability": "VCID-k5j6-8e9q-ebfh" }, { "vulnerability": "VCID-k9e7-kmzx-wqbn" }, { "vulnerability": "VCID-kh95-uhfy-4bap" }, { "vulnerability": "VCID-kq2a-p2fu-n7gc" }, { "vulnerability": "VCID-ktkb-wn56-qfdk" }, { "vulnerability": "VCID-mgmu-rmp5-j3dg" }, { "vulnerability": "VCID-msu6-6ceu-sfhp" }, { "vulnerability": "VCID-mvd2-c7j6-j3af" }, { "vulnerability": "VCID-n48p-tmcx-nbgz" }, { "vulnerability": "VCID-ngd2-qzsa-ubdv" }, { "vulnerability": "VCID-nvfv-wvym-z3dd" }, { "vulnerability": "VCID-nvj2-7te9-b7d6" }, { "vulnerability": "VCID-nvng-rhqm-rydz" }, { "vulnerability": "VCID-p2z3-j6kf-p3dd" }, { "vulnerability": "VCID-p323-2gvz-y3h8" }, { "vulnerability": "VCID-p5t8-35k8-sqfa" }, { "vulnerability": "VCID-peue-bqmn-uqfg" }, { "vulnerability": "VCID-pgwz-utzn-hkh9" }, { "vulnerability": "VCID-ps14-2s8s-u3cr" }, { "vulnerability": "VCID-q2ga-y533-jqcj" }, { "vulnerability": "VCID-q35a-hgz8-nfdr" }, { "vulnerability": "VCID-q8c5-tvhr-z3dt" }, { "vulnerability": "VCID-q9ch-e5ap-3fgb" }, { "vulnerability": "VCID-qa1r-3bun-f7e1" }, { "vulnerability": "VCID-qe3m-tepe-sqbq" }, { "vulnerability": "VCID-qg3u-d5ad-wbhh" }, { "vulnerability": "VCID-qgzx-tdkx-5fb5" }, { "vulnerability": "VCID-qmh5-jqk8-4kb1" }, { "vulnerability": "VCID-qr4x-dcdm-ryff" }, { "vulnerability": "VCID-r184-6v15-tqgm" }, { "vulnerability": "VCID-r1ps-696b-eydq" }, { "vulnerability": "VCID-r39c-4e32-efef" }, { "vulnerability": "VCID-r97s-gcmq-57bz" }, { "vulnerability": "VCID-rvbe-fjhx-k3d8" }, { "vulnerability": "VCID-rwg3-mgdg-53gu" }, { "vulnerability": "VCID-rwm5-mh67-ffak" }, { "vulnerability": "VCID-rz6u-b53k-mugy" }, { "vulnerability": "VCID-rz6x-pgk3-pkhq" }, { "vulnerability": "VCID-s11w-7r7p-g3dt" }, { "vulnerability": "VCID-s14j-5by2-wkad" }, { "vulnerability": "VCID-s1sv-bbdn-dufy" }, { "vulnerability": "VCID-s9h2-34vm-uuee" }, { "vulnerability": "VCID-tdhn-4egx-zkfk" }, { "vulnerability": "VCID-tes7-qh2s-c3fc" }, { "vulnerability": "VCID-tf8j-fa4n-2qcy" }, { "vulnerability": "VCID-tsf8-btra-gugr" }, { "vulnerability": "VCID-tu1g-gp43-yyar" }, { "vulnerability": "VCID-ty1g-525f-jkan" }, { "vulnerability": "VCID-u5k6-91yj-hygz" }, { "vulnerability": "VCID-u91f-w6ux-zkgm" }, { "vulnerability": "VCID-ucn5-x3dt-27gy" }, { "vulnerability": "VCID-udg9-wgju-gfem" }, { "vulnerability": "VCID-uqae-1yv2-fuc2" }, { "vulnerability": "VCID-urvs-ucet-y7ba" }, { "vulnerability": "VCID-uunc-4x3a-ukf3" }, { "vulnerability": "VCID-uxua-8x9x-qqd8" }, { "vulnerability": "VCID-v4z1-cx3v-jffz" }, { "vulnerability": "VCID-v6yx-yd5n-1kfy" }, { "vulnerability": "VCID-v7xq-gfna-5kfw" }, { "vulnerability": "VCID-v95c-y9at-gqd6" }, { "vulnerability": "VCID-vdrh-8w5d-dffg" }, { "vulnerability": "VCID-vpu8-vm54-jqhy" }, { "vulnerability": "VCID-vsxn-sk73-dbg5" }, { "vulnerability": "VCID-vzpd-apmu-xbe4" }, { "vulnerability": "VCID-wd74-3jrn-tqag" }, { "vulnerability": "VCID-wdpc-4xjf-pqgh" }, { "vulnerability": "VCID-wskj-uyt9-akab" }, { "vulnerability": "VCID-x4pj-t6q1-m7ga" }, { "vulnerability": "VCID-xb6k-1cfd-ykb9" }, { "vulnerability": "VCID-xdz6-2ckp-a3dw" }, { "vulnerability": "VCID-xk5n-nxxm-j7fr" }, { "vulnerability": "VCID-xt2w-1h6g-2qe5" }, { "vulnerability": "VCID-xt64-z2u2-kkd6" }, { "vulnerability": "VCID-xvm3-prar-bqg3" }, { "vulnerability": "VCID-y5ak-4gg9-sqaj" }, { "vulnerability": "VCID-ykwa-vws8-3kfj" }, { "vulnerability": "VCID-ync7-cxk4-byfg" }, { "vulnerability": "VCID-yp3u-58s2-wuh6" }, { "vulnerability": "VCID-ypp9-9yup-33h6" }, { "vulnerability": "VCID-yq3m-mr4f-kfgw" }, { "vulnerability": "VCID-yy39-1a1s-sqe4" }, { "vulnerability": "VCID-z7f3-8vck-t7aj" }, { "vulnerability": "VCID-zcdc-4zmj-syct" }, { "vulnerability": "VCID-zmpk-rg58-t3g6" }, { "vulnerability": "VCID-zsqp-n2df-3fcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.3.1" } ], "aliases": [ "CVE-2020-15198", "GHSA-jc87-6vpp-7ff3", "PYSEC-2020-121", "PYSEC-2020-278", "PYSEC-2020-313" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y634-q7n4-jbhu" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow@2.3.0rc1" }