Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/23629?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "type": "pypi", "namespace": "", "name": "tensorflow-gpu", "version": "2.5.1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.6.0rc2", "latest_non_vulnerable_version": "2.12.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8273?format=api", "vulnerability_id": "VCID-11qd-d7c7-sbdm", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ConcatV2` can be used to trigger a denial of service attack via a segfault caused by a type confusion. The `axis` argument is translated into `concat_dim` in the `ConcatShapeHelper` helper function. Then, a value for `min_rank` is computed based on `concat_dim`. This is then used to validate that the `values` tensor has at least the required rank. However, `WithRankAtLeast` receives the lower bound as a 64-bits value and then compares it against the maximum 32-bits integer value that could be represented. Due to the fact that `min_rank` is a 32-bits value and the value of `axis`, the `rank` argument is a negative value, so the error check is bypassed. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21731", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53888", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21731" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-55.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-55.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-110.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-110.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/framework/common_shape_fns.cc#L1961-L2059", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/framework/common_shape_fns.cc#L1961-L2059" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/framework/shape_inference.cc#L345-L358", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/framework/shape_inference.cc#L345-L358" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/08d7b00c0a5a20926363849f611729f53f3ec022", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/08d7b00c0a5a20926363849f611729f53f3ec022" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m4hf-j54p-p353", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m4hf-j54p-p353" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21731", "reference_id": "CVE-2022-21731", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21731" }, { "reference_url": "https://github.com/advisories/GHSA-m4hf-j54p-p353", "reference_id": "GHSA-m4hf-j54p-p353", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m4hf-j54p-p353" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21731", "CVE-2022-21731", "GHSA-m4hf-j54p-p353", "PYSEC-2022-110", "PYSEC-2022-55" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-11qd-d7c7-sbdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8272?format=api", "vulnerability_id": "VCID-145d-k5w3-tfgz", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementations of `Sparse*Cwise*` ops are vulnerable to integer overflows. These can be used to trigger large allocations (so, OOM based denial of service) or `CHECK`-fails when building new `TensorShape` objects (so, assert failures based denial of service). We are missing some validation on the shapes of the input tensors as well as directly constructing a large `TensorShape` with user-provided dimensions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23567", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63951", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23567" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-76.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-76.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-131.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-131.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/sparse_dense_binary_op_shared.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:22Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/sparse_dense_binary_op_shared.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:22Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/1b54cadd19391b60b6fcccd8d076426f7221d5e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:22Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/1b54cadd19391b60b6fcccd8d076426f7221d5e8" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e952a89b7026b98fe8cbe626514a93ed68b7c510", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:22Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e952a89b7026b98fe8cbe626514a93ed68b7c510" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrx2-r989-2c43", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:22Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrx2-r989-2c43" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23567", "reference_id": "CVE-2022-23567", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23567" }, { "reference_url": "https://github.com/advisories/GHSA-rrx2-r989-2c43", "reference_id": "GHSA-rrx2-r989-2c43", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rrx2-r989-2c43" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23567", "CVE-2022-23567", "GHSA-rrx2-r989-2c43", "PYSEC-2022-131", "PYSEC-2022-76" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-145d-k5w3-tfgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8308?format=api", "vulnerability_id": "VCID-15nt-6tff-k7gb", "summary": "Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23587", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.53055", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23587" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-96.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-96.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-151.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-151.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L2621-L2689", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:58Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L2621-L2689" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/0aaaae6eca5a7175a193696383f582f53adab23f", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:58Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/0aaaae6eca5a7175a193696383f582f53adab23f" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8jj7-5vxc-pg2q", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:58Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8jj7-5vxc-pg2q" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23587", "reference_id": "CVE-2022-23587", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23587" }, { "reference_url": "https://github.com/advisories/GHSA-8jj7-5vxc-pg2q", "reference_id": "GHSA-8jj7-5vxc-pg2q", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8jj7-5vxc-pg2q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23587", "CVE-2022-23587", "GHSA-8jj7-5vxc-pg2q", "PYSEC-2022-151", "PYSEC-2022-96" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-15nt-6tff-k7gb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8267?format=api", "vulnerability_id": "VCID-1ah5-hm7a-ykep", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalAvgPoolGrad` does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21730", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54937", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21730" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-54.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-54.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-109.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-109.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/fractional_avg_pool_op.cc#L209-L360", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:34Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/fractional_avg_pool_op.cc#L209-L360" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/002408c3696b173863228223d535f9de72a101a9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:34Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/002408c3696b173863228223d535f9de72a101a9" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vjg4-v33c-ggc4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:34Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vjg4-v33c-ggc4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21730", "reference_id": "CVE-2022-21730", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21730" }, { "reference_url": "https://github.com/advisories/GHSA-vjg4-v33c-ggc4", "reference_id": "GHSA-vjg4-v33c-ggc4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vjg4-v33c-ggc4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21730", "CVE-2022-21730", "GHSA-vjg4-v33c-ggc4", "PYSEC-2022-109", "PYSEC-2022-54" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ah5-hm7a-ykep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3227?format=api", "vulnerability_id": "VCID-1sr1-happ-6ugc", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41221", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.06058", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41221" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-630.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-630.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-828.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-828.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-413.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-413.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/af5fcebb37c8b5d71c237f4e59c6477015c78ce6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/af5fcebb37c8b5d71c237f4e59c6477015c78ce6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqv6-3phm-hcwx", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqv6-3phm-hcwx" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41221", "reference_id": "CVE-2021-41221", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41221" }, { "reference_url": "https://github.com/advisories/GHSA-cqv6-3phm-hcwx", "reference_id": "GHSA-cqv6-3phm-hcwx", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-cqv6-3phm-hcwx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41221", "CVE-2021-41221", "GHSA-cqv6-3phm-hcwx", "PYSEC-2021-413", "PYSEC-2021-630", "PYSEC-2021-828" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1sr1-happ-6ugc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3231?format=api", "vulnerability_id": "VCID-2cw7-2xzs-abfz", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04734", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41217" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-626.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-626.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-824.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-824.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-409.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-409.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/05cbebd3c6bb8f517a158b0155debb8df79017ff", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/05cbebd3c6bb8f517a158b0155debb8df79017ff" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5crj-c72x-m7gq", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5crj-c72x-m7gq" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41217", "reference_id": "CVE-2021-41217", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41217" }, { "reference_url": "https://github.com/advisories/GHSA-5crj-c72x-m7gq", "reference_id": "GHSA-5crj-c72x-m7gq", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5crj-c72x-m7gq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41217", "CVE-2021-41217", "GHSA-5crj-c72x-m7gq", "PYSEC-2021-409", "PYSEC-2021-626", "PYSEC-2021-824" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2cw7-2xzs-abfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3250?format=api", "vulnerability_id": "VCID-2hqc-3d51-4yf5", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41198", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15708", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41198" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-608.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-608.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-806.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-806.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-391.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-391.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/9294094df6fea79271778eb7e7ae1bad8b5ef98f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/9294094df6fea79271778eb7e7ae1bad8b5ef98f" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46911", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/issues/46911" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2p25-55c9-h58q", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2p25-55c9-h58q" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41198", "reference_id": "CVE-2021-41198", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41198" }, { "reference_url": "https://github.com/advisories/GHSA-2p25-55c9-h58q", "reference_id": "GHSA-2p25-55c9-h58q", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2p25-55c9-h58q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41198", "CVE-2021-41198", "GHSA-2p25-55c9-h58q", "PYSEC-2021-391", "PYSEC-2021-608", "PYSEC-2021-806" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2hqc-3d51-4yf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8285?format=api", "vulnerability_id": "VCID-39ck-bm9t-kqhs", "summary": "Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would trigger a division by zero in `BiasAndClamp` implementation. There is no check that the `bias_size` is non zero. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23557", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44623", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23557" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-66.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-66.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-121.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-121.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/lite/kernels/internal/common.h#L75", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:49:48Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/lite/kernels/internal/common.h#L75" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8c6f391a2282684a25cbfec7687bd5d35261a209", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:49:48Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8c6f391a2282684a25cbfec7687bd5d35261a209" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf2j-f278-xh4v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:49:48Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf2j-f278-xh4v" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23557", "reference_id": "CVE-2022-23557", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23557" }, { "reference_url": "https://github.com/advisories/GHSA-gf2j-f278-xh4v", "reference_id": "GHSA-gf2j-f278-xh4v", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gf2j-f278-xh4v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23557", "CVE-2022-23557", "GHSA-gf2j-f278-xh4v", "PYSEC-2022-121", "PYSEC-2022-66" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-39ck-bm9t-kqhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8292?format=api", "vulnerability_id": "VCID-3czq-3twf-skcg", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `AssignOp` can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized (to minimize number of allocations), but does not check that the right hand side is also initialized. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23573", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.53033", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23573" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-82.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-82.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-137.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-137.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/assign_op.h#L30-L143", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:13Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/assign_op.h#L30-L143" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/ef1d027be116f25e25bb94a60da491c2cf55bd0b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:13Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/ef1d027be116f25e25bb94a60da491c2cf55bd0b" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q85f-69q7-55h2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:13Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q85f-69q7-55h2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23573", "reference_id": "CVE-2022-23573", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23573" }, { "reference_url": "https://github.com/advisories/GHSA-q85f-69q7-55h2", "reference_id": "GHSA-q85f-69q7-55h2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q85f-69q7-55h2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23573", "CVE-2022-23573", "GHSA-q85f-69q7-55h2", "PYSEC-2022-137", "PYSEC-2022-82" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3czq-3twf-skcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8312?format=api", "vulnerability_id": "VCID-3g5a-5csn-h3d9", "summary": "Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that Grappler optimizer would attempt to build a tensor using a reference `dtype`. This would result in a crash due to a `CHECK`-fail in the `Tensor` constructor as reference types are not allowed. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23588", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53888", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23588" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-97.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-97.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-152.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-152.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/tensor.cc#L733-L781", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:44Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/tensor.cc#L733-L781" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1328-L1402", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:44Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1328-L1402" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/6b5adc0877de832b2a7c189532dbbbc64622eeb6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:44Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/6b5adc0877de832b2a7c189532dbbbc64622eeb6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fx5c-h9f6-rv7c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:44Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fx5c-h9f6-rv7c" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23588", "reference_id": "CVE-2022-23588", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23588" }, { "reference_url": "https://github.com/advisories/GHSA-fx5c-h9f6-rv7c", "reference_id": "GHSA-fx5c-h9f6-rv7c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fx5c-h9f6-rv7c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23588", "CVE-2022-23588", "GHSA-fx5c-h9f6-rv7c", "PYSEC-2022-152", "PYSEC-2022-97" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3g5a-5csn-h3d9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8311?format=api", "vulnerability_id": "VCID-466y-e26r-rka4", "summary": "Tensorflow is an Open Source Machine Learning Framework. When building an XLA compilation cache, if default settings are used, TensorFlow triggers a null pointer dereference. In the default scenario, all devices are allowed, so `flr->config_proto` is `nullptr`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23595", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44697", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23595" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-103.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-103.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-158.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-158.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/jit/xla_platform_info.cc#L43-L104", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:22Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/jit/xla_platform_info.cc#L43-L104" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e21af685e1828f7ca65038307df5cc06de4479e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:22Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e21af685e1828f7ca65038307df5cc06de4479e8" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fpcp-9h7m-ffpx", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:22Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fpcp-9h7m-ffpx" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23595", "reference_id": "CVE-2022-23595", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23595" }, { "reference_url": "https://github.com/advisories/GHSA-fpcp-9h7m-ffpx", "reference_id": "GHSA-fpcp-9h7m-ffpx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fpcp-9h7m-ffpx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23595", "CVE-2022-23595", "GHSA-fpcp-9h7m-ffpx", "PYSEC-2022-103", "PYSEC-2022-158" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-466y-e26r-rka4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3239?format=api", "vulnerability_id": "VCID-5d73-819a-xbeg", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41209", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04734", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41209" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-618.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-618.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-816.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-816.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-401.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-401.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hpv-v2rx-c5g6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hpv-v2rx-c5g6" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41209", "reference_id": "CVE-2021-41209", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41209" }, { "reference_url": "https://github.com/advisories/GHSA-6hpv-v2rx-c5g6", "reference_id": "GHSA-6hpv-v2rx-c5g6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-6hpv-v2rx-c5g6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41209", "CVE-2021-41209", "GHSA-6hpv-v2rx-c5g6", "PYSEC-2021-401", "PYSEC-2021-618", "PYSEC-2021-816" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5d73-819a-xbeg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8318?format=api", "vulnerability_id": "VCID-5tpp-sf62-zycs", "summary": "Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses `tempfile.mktemp` to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in `mktemp` and the actual creation of the file by a subsequent operation (a TOC/TOU type of weakness). In several instances, TensorFlow was supposed to actually create a temporary directory instead of a file. This logic bug is hidden away by the `mktemp` function usage. We have patched the issue in several commits, replacing `mktemp` with the safer `mkstemp`/`mkdtemp` functions, according to the usage pattern. Users are advised to upgrade as soon as possible.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23563", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02926", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23563" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-72.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-72.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-127.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-127.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wc4g-r73w-x8mm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wc4g-r73w-x8mm" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23563", "reference_id": "CVE-2022-23563", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23563" }, { "reference_url": "https://github.com/advisories/GHSA-wc4g-r73w-x8mm", "reference_id": "GHSA-wc4g-r73w-x8mm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wc4g-r73w-x8mm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23563", "CVE-2022-23563", "GHSA-wc4g-r73w-x8mm", "PYSEC-2022-127", "PYSEC-2022-72" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5tpp-sf62-zycs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3234?format=api", "vulnerability_id": "VCID-5ty2-z944-mbht", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41214", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.05281", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41214" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-623.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-623.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-821.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-821.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-406.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-406.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vwhq-49r4-gj9v", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vwhq-49r4-gj9v" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41214", "reference_id": "CVE-2021-41214", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41214" }, { "reference_url": "https://github.com/advisories/GHSA-vwhq-49r4-gj9v", "reference_id": "GHSA-vwhq-49r4-gj9v", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-vwhq-49r4-gj9v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41214", "CVE-2021-41214", "GHSA-vwhq-49r4-gj9v", "PYSEC-2021-406", "PYSEC-2021-623", "PYSEC-2021-821" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ty2-z944-mbht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3222?format=api", "vulnerability_id": "VCID-5xgg-h9wh-3uh7", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41226", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.05281", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41226" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-635.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-635.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-833.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-833.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-418.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-418.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f410212e373eb2aec4c9e60bf3702eba99a38aba", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/f410212e373eb2aec4c9e60bf3702eba99a38aba" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-374m-jm66-3vj8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-374m-jm66-3vj8" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41226", "reference_id": "CVE-2021-41226", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41226" }, { "reference_url": "https://github.com/advisories/GHSA-374m-jm66-3vj8", "reference_id": "GHSA-374m-jm66-3vj8", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-374m-jm66-3vj8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41226", "CVE-2021-41226", "GHSA-374m-jm66-3vj8", "PYSEC-2021-418", "PYSEC-2021-635", "PYSEC-2021-833" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5xgg-h9wh-3uh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8281?format=api", "vulnerability_id": "VCID-6888-uhtp-8ub6", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `*Bincount` operations allows malicious users to cause denial of service by passing in arguments which would trigger a `CHECK`-fail. There are several conditions that the input arguments must satisfy. Some are not caught during shape inference and others are not caught during kernel implementation. This results in `CHECK` failures later when the output tensors get allocated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21737", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44623", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21737" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-61.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-61.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-116.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-116.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/bincount_op.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:06Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/bincount_op.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/7019ce4f68925fd01cdafde26f8d8c938f47e6f9", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:06Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/7019ce4f68925fd01cdafde26f8d8c938f47e6f9" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2vv-v9cg-qhh7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:06Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2vv-v9cg-qhh7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21737", "reference_id": "CVE-2022-21737", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21737" }, { "reference_url": "https://github.com/advisories/GHSA-f2vv-v9cg-qhh7", "reference_id": "GHSA-f2vv-v9cg-qhh7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f2vv-v9cg-qhh7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21737", "CVE-2022-21737", "GHSA-f2vv-v9cg-qhh7", "PYSEC-2022-116", "PYSEC-2022-61" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6888-uhtp-8ub6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3225?format=api", "vulnerability_id": "VCID-688g-g33x-67g9", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41223", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05349", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41223" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-632.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-632.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-830.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-830.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-415.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-415.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/aab9998916c2ffbd8f0592059fad352622f89cda", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/aab9998916c2ffbd8f0592059fad352622f89cda" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f54p-f6jp-4rhr", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f54p-f6jp-4rhr" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41223", "reference_id": "CVE-2021-41223", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41223" }, { "reference_url": "https://github.com/advisories/GHSA-f54p-f6jp-4rhr", "reference_id": "GHSA-f54p-f6jp-4rhr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-f54p-f6jp-4rhr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41223", "CVE-2021-41223", "GHSA-f54p-f6jp-4rhr", "PYSEC-2021-415", "PYSEC-2021-632", "PYSEC-2021-830" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-688g-g33x-67g9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8275?format=api", "vulnerability_id": "VCID-6gnj-az99-h7b4", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalMaxPool` can be made to crash a TensorFlow process via a division by 0. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21735", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44623", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21735" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-59.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-59.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-114.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-114.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/fractional_max_pool_op.cc#L36-L192", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:14Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/fractional_max_pool_op.cc#L36-L192" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/ba4e8ac4dc2991e350d5cc407f8598c8d4ee70fb", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:14Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/ba4e8ac4dc2991e350d5cc407f8598c8d4ee70fb" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-87v6-crgm-2gfj", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:14Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-87v6-crgm-2gfj" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21735", "reference_id": "CVE-2022-21735", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21735" }, { "reference_url": "https://github.com/advisories/GHSA-87v6-crgm-2gfj", "reference_id": "GHSA-87v6-crgm-2gfj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-87v6-crgm-2gfj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21735", "CVE-2022-21735", "GHSA-87v6-crgm-2gfj", "PYSEC-2022-114", "PYSEC-2022-59" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6gnj-az99-h7b4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8276?format=api", "vulnerability_id": "VCID-83pe-ztey-dbf4", "summary": "Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via `CHECK`-fails (i.e., assertion failures). This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. It is possible that other similar instances exist in TensorFlow, we will issue fixes as these are discovered. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23569", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30304", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23569" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-78.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-78.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-133.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-133.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:46:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qj5r-f9mv-rffh", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:46:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qj5r-f9mv-rffh" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23569", "reference_id": "CVE-2022-23569", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23569" }, { "reference_url": "https://github.com/advisories/GHSA-qj5r-f9mv-rffh", "reference_id": "GHSA-qj5r-f9mv-rffh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qj5r-f9mv-rffh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23569", "CVE-2022-23569", "GHSA-qj5r-f9mv-rffh", "PYSEC-2022-133", "PYSEC-2022-78" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-83pe-ztey-dbf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8269?format=api", "vulnerability_id": "VCID-97cs-4kx3-37gm", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `StringNGrams` can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on `pad_witdh` and that result in computing a negative value for `ngram_width` which is later used to allocate parts of the output. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21733", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46146", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21733" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-57.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-57.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-112.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-112.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/string_ngrams_op.cc#L29-L161", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:28Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/string_ngrams_op.cc#L29-L161" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f68fdab93fb7f4ddb4eb438c8fe052753c9413e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:28Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/f68fdab93fb7f4ddb4eb438c8fe052753c9413e8" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-98j8-c9q4-r38g", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:28Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-98j8-c9q4-r38g" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21733", "reference_id": "CVE-2022-21733", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21733" }, { "reference_url": "https://github.com/advisories/GHSA-98j8-c9q4-r38g", "reference_id": "GHSA-98j8-c9q4-r38g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-98j8-c9q4-r38g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21733", "CVE-2022-21733", "GHSA-98j8-c9q4-r38g", "PYSEC-2022-112", "PYSEC-2022-57" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-97cs-4kx3-37gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8277?format=api", "vulnerability_id": "VCID-9arh-a8wj-wka6", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `MapStage` is vulnerable a `CHECK`-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21734", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44623", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21734" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-58.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-58.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-113.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-113.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/map_stage_op.cc#L519-L550", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:12Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/map_stage_op.cc#L519-L550" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f57315566d7094f322b784947093406c2aea0d7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:12Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/f57315566d7094f322b784947093406c2aea0d7d" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gcvh-66ff-4mwm", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:12Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gcvh-66ff-4mwm" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21734", "reference_id": "CVE-2022-21734", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21734" }, { "reference_url": "https://github.com/advisories/GHSA-gcvh-66ff-4mwm", "reference_id": "GHSA-gcvh-66ff-4mwm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gcvh-66ff-4mwm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21734", "CVE-2022-21734", "GHSA-gcvh-66ff-4mwm", "PYSEC-2022-113", "PYSEC-2022-58" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9arh-a8wj-wka6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3229?format=api", "vulnerability_id": "VCID-9dhc-1f13-5qht", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05669", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41219" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-628.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-628.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-826.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-826.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-411.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-411.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e6cf28c72ba2eb949ca950d834dd6d66bb01cfae", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e6cf28c72ba2eb949ca950d834dd6d66bb01cfae" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4f99-p9c2-3j8x", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4f99-p9c2-3j8x" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41219", "reference_id": "CVE-2021-41219", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41219" }, { "reference_url": "https://github.com/advisories/GHSA-4f99-p9c2-3j8x", "reference_id": "GHSA-4f99-p9c2-3j8x", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4f99-p9c2-3j8x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41219", "CVE-2021-41219", "GHSA-4f99-p9c2-3j8x", "PYSEC-2021-411", "PYSEC-2021-628", "PYSEC-2021-826" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9dhc-1f13-5qht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3241?format=api", "vulnerability_id": "VCID-9gde-ga9q-pqb4", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04734", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41207" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-616.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-616.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-814.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-814.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-399.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-399.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/inplace_ops.cc#L72-L97", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/inplace_ops.cc#L72-L97" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/9de11bdc2cf1284b2f635419bd3e6bbc7643eb2c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/9de11bdc2cf1284b2f635419bd3e6bbc7643eb2c" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/d11f21bbdfa54f3576ae860fc927bf23c675ebc0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/d11f21bbdfa54f3576ae860fc927bf23c675ebc0" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e67caccea81167402c62977b5c521f2a8b261d6a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e67caccea81167402c62977b5c521f2a8b261d6a" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7v94-64hj-m82h", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7v94-64hj-m82h" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41207", "reference_id": "CVE-2021-41207", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41207" }, { "reference_url": "https://github.com/advisories/GHSA-7v94-64hj-m82h", "reference_id": "GHSA-7v94-64hj-m82h", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7v94-64hj-m82h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41207", "CVE-2021-41207", "GHSA-7v94-64hj-m82h", "PYSEC-2021-399", "PYSEC-2021-616", "PYSEC-2021-814" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9gde-ga9q-pqb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3244?format=api", "vulnerability_id": "VCID-9snf-qxka-83hd", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41204", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04734", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41204" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-614.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-614.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-812.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-812.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-397.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-397.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/7731e8dfbe4a56773be5dc94d631611211156659", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/7731e8dfbe4a56773be5dc94d631611211156659" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-786j-5qwq-r36x", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-786j-5qwq-r36x" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41204", "reference_id": "CVE-2021-41204", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41204" }, { "reference_url": "https://github.com/advisories/GHSA-786j-5qwq-r36x", "reference_id": "GHSA-786j-5qwq-r36x", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-786j-5qwq-r36x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41204", "CVE-2021-41204", "GHSA-786j-5qwq-r36x", "PYSEC-2021-397", "PYSEC-2021-614", "PYSEC-2021-812" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9snf-qxka-83hd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3249?format=api", "vulnerability_id": "VCID-aad5-dg9x-53cz", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41199", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15708", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41199" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-609.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-609.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-807.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-807.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-392.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-392.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e5272d4204ff5b46136a1ef1204fc00597e21837", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e5272d4204ff5b46136a1ef1204fc00597e21837" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46914", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/issues/46914" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hx2-qx8j-qjqm", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hx2-qx8j-qjqm" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41199", "reference_id": "CVE-2021-41199", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41199" }, { "reference_url": "https://github.com/advisories/GHSA-5hx2-qx8j-qjqm", "reference_id": "GHSA-5hx2-qx8j-qjqm", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5hx2-qx8j-qjqm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41199", "CVE-2021-41199", "GHSA-5hx2-qx8j-qjqm", "PYSEC-2021-392", "PYSEC-2021-609", "PYSEC-2021-807" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aad5-dg9x-53cz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8283?format=api", "vulnerability_id": "VCID-akmu-fas1-33h6", "summary": "Tensorflow is an Open Source Machine Learning Framework. ### Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to determine the size of the padding that needs to be added before applying the convolution. There is no check before this division that the divisor is strictly positive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21741", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46146", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21741" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-65.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-65.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-120.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-120.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/lite/kernels/depthwise_conv.cc#L96", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/lite/kernels/depthwise_conv.cc#L96" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e5b0eec199c2d03de54fd6a7fd9275692218e2bc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e5b0eec199c2d03de54fd6a7fd9275692218e2bc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-428x-9xc2-m8mj", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-428x-9xc2-m8mj" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21741", "reference_id": "CVE-2022-21741", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21741" }, { "reference_url": "https://github.com/advisories/GHSA-428x-9xc2-m8mj", "reference_id": "GHSA-428x-9xc2-m8mj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-428x-9xc2-m8mj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21741", "CVE-2022-21741", "GHSA-428x-9xc2-m8mj", "PYSEC-2022-120", "PYSEC-2022-65" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-akmu-fas1-33h6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8316?format=api", "vulnerability_id": "VCID-axj7-aq9m-rqdu", "summary": "Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments, if the tensors have an invalid `dtype` and 0 elements or an invalid shape. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23571", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30304", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23571" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-80.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-80.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-135.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-135.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/5b491cd5e41ad63735161cec9c2a568172c8b6a3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:11:18Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/5b491cd5e41ad63735161cec9c2a568172c8b6a3" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j3mj-fhpq-qqjj", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:11:18Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j3mj-fhpq-qqjj" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23571", "reference_id": "CVE-2022-23571", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23571" }, { "reference_url": "https://github.com/advisories/GHSA-j3mj-fhpq-qqjj", "reference_id": "GHSA-j3mj-fhpq-qqjj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j3mj-fhpq-qqjj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23571", "CVE-2022-23571", "GHSA-j3mj-fhpq-qqjj", "PYSEC-2022-135", "PYSEC-2022-80" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-axj7-aq9m-rqdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3220?format=api", "vulnerability_id": "VCID-b8sr-erwh-5yh8", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41228", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12379", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41228" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-637.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "5.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-637.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-835.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "5.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-835.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-420.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "5.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-420.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "5.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "5.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3rcw-9p9x-582v", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "5.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3rcw-9p9x-582v" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41228", "reference_id": "CVE-2021-41228", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "5.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41228" }, { "reference_url": "https://github.com/advisories/GHSA-3rcw-9p9x-582v", "reference_id": "GHSA-3rcw-9p9x-582v", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-3rcw-9p9x-582v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41228", "CVE-2021-41228", "GHSA-3rcw-9p9x-582v", "PYSEC-2021-420", "PYSEC-2021-637", "PYSEC-2021-835" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b8sr-erwh-5yh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3221?format=api", "vulnerability_id": "VCID-bm3u-2ych-eqac", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41227", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.241", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41227" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-636.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-636.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-834.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-834.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-419.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-419.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41227", "reference_id": "CVE-2021-41227", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41227" }, { "reference_url": "https://github.com/advisories/GHSA-j8c8-67vp-6mx7", "reference_id": "GHSA-j8c8-67vp-6mx7", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-j8c8-67vp-6mx7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41227", "CVE-2021-41227", "GHSA-j8c8-67vp-6mx7", "PYSEC-2021-419", "PYSEC-2021-636", "PYSEC-2021-834" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bm3u-2ych-eqac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8289?format=api", "vulnerability_id": "VCID-ccv1-pgda-r7ba", "summary": "Tensorflow is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in `Grappler`. The `set_output` function writes to an array at the specified index. Hence, this gives a malicious user a write primitive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60401", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23566" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-75.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-75.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-130.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-130.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.h#L394", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:54Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.h#L394" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/graph_properties.cc#L1132-L1141", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:54Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/graph_properties.cc#L1132-L1141" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/97282c6d0d34476b6ba033f961590b783fa184cd", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:54Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/97282c6d0d34476b6ba033f961590b783fa184cd" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5qw5-89mw-wcg2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:54Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5qw5-89mw-wcg2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23566", "reference_id": "CVE-2022-23566", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23566" }, { "reference_url": "https://github.com/advisories/GHSA-5qw5-89mw-wcg2", "reference_id": "GHSA-5qw5-89mw-wcg2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5qw5-89mw-wcg2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23566", "CVE-2022-23566", "GHSA-5qw5-89mw-wcg2", "PYSEC-2022-130", "PYSEC-2022-75" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ccv1-pgda-r7ba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3248?format=api", "vulnerability_id": "VCID-cu5c-pmqv-xkdz", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41200", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15532", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41200" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-610.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-610.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-808.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-808.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-393.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-393.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/874bda09e6702cd50bac90b453b50bcc65b2769e", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/874bda09e6702cd50bac90b453b50bcc65b2769e" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46909", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/issues/46909" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh8h-7j2j-qv4f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh8h-7j2j-qv4f" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41200", "reference_id": "CVE-2021-41200", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41200" }, { "reference_url": "https://github.com/advisories/GHSA-gh8h-7j2j-qv4f", "reference_id": "GHSA-gh8h-7j2j-qv4f", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-gh8h-7j2j-qv4f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41200", "CVE-2021-41200", "GHSA-gh8h-7j2j-qv4f", "PYSEC-2021-393", "PYSEC-2021-610", "PYSEC-2021-808" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cu5c-pmqv-xkdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8307?format=api", "vulnerability_id": "VCID-cwvm-wntu-tfck", "summary": "Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `SafeToRemoveIdentity` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23579", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46146", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23579" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-88.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-88.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-143.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-143.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/dependency_optimizer.cc#L59-L98", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:22Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/dependency_optimizer.cc#L59-L98" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/92dba16749fae36c246bec3f9ba474d9ddeb7662", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:22Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/92dba16749fae36c246bec3f9ba474d9ddeb7662" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5f2r-qp73-37mr", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:22Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5f2r-qp73-37mr" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23579", "reference_id": "CVE-2022-23579", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23579" }, { "reference_url": "https://github.com/advisories/GHSA-5f2r-qp73-37mr", "reference_id": "GHSA-5f2r-qp73-37mr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5f2r-qp73-37mr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23579", "CVE-2022-23579", "GHSA-5f2r-qp73-37mr", "PYSEC-2022-143", "PYSEC-2022-88" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cwvm-wntu-tfck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8266?format=api", "vulnerability_id": "VCID-d3dc-su6w-s3ag", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `Dequantize` does not fully validate the value of `axis` and can result in heap OOB accesses. The `axis` argument can be `-1` (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked and this results in reading past the end of the array containing the dimensions of the input tensor. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21726", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52734", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21726" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-50.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-50.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-105.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-105.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/dequantize_op.cc#L92-L153", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:31Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/dequantize_op.cc#L92-L153" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/23968a8bf65b009120c43b5ebcceaf52dbc9e943", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:31Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/23968a8bf65b009120c43b5ebcceaf52dbc9e943" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-23hm-7w47-xw72", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:31Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-23hm-7w47-xw72" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21726", "reference_id": "CVE-2022-21726", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21726" }, { "reference_url": "https://github.com/advisories/GHSA-23hm-7w47-xw72", "reference_id": "GHSA-23hm-7w47-xw72", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-23hm-7w47-xw72" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21726", "CVE-2022-21726", "GHSA-23hm-7w47-xw72", "PYSEC-2022-105", "PYSEC-2022-50" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d3dc-su6w-s3ag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8302?format=api", "vulnerability_id": "VCID-egc6-6pwr-fyej", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `GetInitOp` is vulnerable to a crash caused by dereferencing a null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23577", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44697", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23577" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-86.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-86.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-141.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-141.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/cc/saved_model/loader_util.cc#L31-L61", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:02Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/cc/saved_model/loader_util.cc#L31-L61" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/4f38b1ac8e42727e18a2f0bde06d3bee8e77b250", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:02Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/4f38b1ac8e42727e18a2f0bde06d3bee8e77b250" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8cxv-76p7-jxwr", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:02Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8cxv-76p7-jxwr" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23577", "reference_id": "CVE-2022-23577", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23577" }, { "reference_url": "https://github.com/advisories/GHSA-8cxv-76p7-jxwr", "reference_id": "GHSA-8cxv-76p7-jxwr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8cxv-76p7-jxwr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23577", "CVE-2022-23577", "GHSA-8cxv-76p7-jxwr", "PYSEC-2022-141", "PYSEC-2022-86" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-egc6-6pwr-fyej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8294?format=api", "vulnerability_id": "VCID-en5f-xtha-cyhp", "summary": "Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that assertions in `function.cc` would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23586", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53888", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23586" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-95.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-95.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-150.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-150.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/function.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:57Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/function.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/3d89911481ba6ebe8c88c1c0b595412121e6c645", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:57Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/3d89911481ba6ebe8c88c1c0b595412121e6c645" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/dcc21c7bc972b10b6fb95c2fb0f4ab5a59680ec2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:57Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/dcc21c7bc972b10b6fb95c2fb0f4ab5a59680ec2" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-43jf-985q-588j", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:57Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-43jf-985q-588j" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23586", "reference_id": "CVE-2022-23586", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23586" }, { "reference_url": "https://github.com/advisories/GHSA-43jf-985q-588j", "reference_id": "GHSA-43jf-985q-588j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-43jf-985q-588j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23586", "CVE-2022-23586", "GHSA-43jf-985q-588j", "PYSEC-2022-150", "PYSEC-2022-95" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-en5f-xtha-cyhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8287?format=api", "vulnerability_id": "VCID-ev23-kazv-nkas", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateTensorSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve a tensor with large enough number of elements. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23575", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44623", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23575" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-84.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-84.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-139.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-139.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L1552-L1558", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L1552-L1558" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/fcd18ce3101f245b083b30655c27b239dc72221e", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/fcd18ce3101f245b083b30655c27b239dc72221e" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c94w-c95p-phf8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c94w-c95p-phf8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23575", "reference_id": "CVE-2022-23575", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23575" }, { "reference_url": "https://github.com/advisories/GHSA-c94w-c95p-phf8", "reference_id": "GHSA-c94w-c95p-phf8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c94w-c95p-phf8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23575", "CVE-2022-23575", "GHSA-c94w-c95p-phf8", "PYSEC-2022-139", "PYSEC-2022-84" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ev23-kazv-nkas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8265?format=api", "vulnerability_id": "VCID-ev84-gxjn-6bf1", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulnerable to an integer overflow weakness. The `axis` argument can be `-1` (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked, and, since the code computes `axis + 1`, an attacker can trigger an integer overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21727", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.55077", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21727" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-51.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-51.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-106.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-106.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/ops/array_ops.cc#L3001-L3034", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:29Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/ops/array_ops.cc#L3001-L3034" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/b64638ec5ccaa77b7c1eb90958e3d85ce381f91b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:29Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/b64638ec5ccaa77b7c1eb90958e3d85ce381f91b" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c6fh-56w7-fvjw", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:29Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c6fh-56w7-fvjw" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21727", "reference_id": "CVE-2022-21727", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21727" }, { "reference_url": "https://github.com/advisories/GHSA-c6fh-56w7-fvjw", "reference_id": "GHSA-c6fh-56w7-fvjw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c6fh-56w7-fvjw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21727", "CVE-2022-21727", "GHSA-c6fh-56w7-fvjw", "PYSEC-2022-106", "PYSEC-2022-51" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ev84-gxjn-6bf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3243?format=api", "vulnerability_id": "VCID-exm3-hpp6-g7hg", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41205", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05349", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41205" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-615.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-615.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-813.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-813.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-398.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-398.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rx-x2rw-pc6f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rx-x2rw-pc6f" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41205", "reference_id": "CVE-2021-41205", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41205" }, { "reference_url": "https://github.com/advisories/GHSA-49rx-x2rw-pc6f", "reference_id": "GHSA-49rx-x2rw-pc6f", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-49rx-x2rw-pc6f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41205", "CVE-2021-41205", "GHSA-49rx-x2rw-pc6f", "PYSEC-2021-398", "PYSEC-2021-615", "PYSEC-2021-813" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-exm3-hpp6-g7hg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8280?format=api", "vulnerability_id": "VCID-eyqx-7k24-zfhq", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21738", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44623", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21738" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-62.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-62.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-117.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-117.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/count_ops.cc#L168-L273", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:09Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/count_ops.cc#L168-L273" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/6f4d3e8139ec724dbbcb40505891c81dd1052c4a", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:09Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/6f4d3e8139ec724dbbcb40505891c81dd1052c4a" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x4qx-4fjv-hmw6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:09Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x4qx-4fjv-hmw6" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21738", "reference_id": "CVE-2022-21738", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21738" }, { "reference_url": "https://github.com/advisories/GHSA-x4qx-4fjv-hmw6", "reference_id": "GHSA-x4qx-4fjv-hmw6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x4qx-4fjv-hmw6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21738", "CVE-2022-21738", "GHSA-x4qx-4fjv-hmw6", "PYSEC-2022-117", "PYSEC-2022-62" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eyqx-7k24-zfhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8286?format=api", "vulnerability_id": "VCID-f25m-udat-n3fd", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `Range` suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23562", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58482", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23562" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-71.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-71.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-126.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-126.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f0147751fd5d2ff23251149ebad9af9f03010732", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/f0147751fd5d2ff23251149ebad9af9f03010732" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/52676", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/issues/52676" }, { "reference_url": "https://github.com/tensorflow/tensorflow/pull/51733", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/pull/51733" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qx3f-p745-w4hr", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qx3f-p745-w4hr" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23562", "reference_id": "CVE-2022-23562", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23562" }, { "reference_url": "https://github.com/advisories/GHSA-qx3f-p745-w4hr", "reference_id": "GHSA-qx3f-p745-w4hr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qx3f-p745-w4hr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23562", "CVE-2022-23562", "GHSA-qx3f-p745-w4hr", "PYSEC-2022-126", "PYSEC-2022-71" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f25m-udat-n3fd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8310?format=api", "vulnerability_id": "VCID-f3cx-k63z-7qde", "summary": "Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both `embedding_size` and `lookup_size` are products of values provided by the user. Hence, a malicious user could trigger overflows in the multiplication. In certain scenarios, this can then result in heap OOB read/write. Users are advised to upgrade to a patched version.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67022", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23559" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-68.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-68.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-123.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-123.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/kernels/embedding_lookup_sparse.cc#L179-L189", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:41Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/kernels/embedding_lookup_sparse.cc#L179-L189" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/1de49725a5fc4e48f1a3b902ec3599ee99283043", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:41Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/1de49725a5fc4e48f1a3b902ec3599ee99283043" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/a4e401da71458d253b05e41f28637b65baf64be4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:41Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/a4e401da71458d253b05e41f28637b65baf64be4" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f19be71717c497723ba0cea0379e84f061a75e01", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:41Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/f19be71717c497723ba0cea0379e84f061a75e01" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-98p5-x8x4-c9m5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:41Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-98p5-x8x4-c9m5" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23559", "reference_id": "CVE-2022-23559", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23559" }, { "reference_url": "https://github.com/advisories/GHSA-98p5-x8x4-c9m5", "reference_id": "GHSA-98p5-x8x4-c9m5", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-98p5-x8x4-c9m5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23559", "CVE-2022-23559", "GHSA-98p5-x8x4-c9m5", "PYSEC-2022-123", "PYSEC-2022-68" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f3cx-k63z-7qde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8296?format=api", "vulnerability_id": "VCID-fggx-3rzd-8kf5", "summary": "Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling `png::CommonInitDecode(..., &decode)`, the `decode` value contains allocated buffers which can only be freed by calling `png::CommonFreeDecode(&decode)`. However, several error case in the function implementation invoke the `OP_REQUIRES` macro which immediately terminates the execution of the function, without allowing for the memory free to occur. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71345", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23585" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-94.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-94.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-149.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-149.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/image/decode_image_op.cc#L322-L416", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:17Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/image/decode_image_op.cc#L322-L416" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/ab51e5b813573dc9f51efa335aebcf2994125ee9", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:17Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/ab51e5b813573dc9f51efa335aebcf2994125ee9" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq6p-6334-8gr4", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:17Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq6p-6334-8gr4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23585", "reference_id": "CVE-2022-23585", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23585" }, { "reference_url": "https://github.com/advisories/GHSA-fq6p-6334-8gr4", "reference_id": "GHSA-fq6p-6334-8gr4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fq6p-6334-8gr4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23585", "CVE-2022-23585", "GHSA-fq6p-6334-8gr4", "PYSEC-2022-149", "PYSEC-2022-94" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fggx-3rzd-8kf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3246?format=api", "vulnerability_id": "VCID-g144-4yvx-xybr", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41202", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11432", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41202" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-612.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-612.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-810.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-810.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-395.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-395.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/1b0e0ec27e7895b9985076eab32445026ae5ca94", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/1b0e0ec27e7895b9985076eab32445026ae5ca94" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/6d94002a09711d297dbba90390d5482b76113899", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/6d94002a09711d297dbba90390d5482b76113899" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46889", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/issues/46889" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46912", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/issues/46912" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xrqm-fpgr-6hhx", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xrqm-fpgr-6hhx" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41202", "reference_id": "CVE-2021-41202", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41202" }, { "reference_url": "https://github.com/advisories/GHSA-xrqm-fpgr-6hhx", "reference_id": "GHSA-xrqm-fpgr-6hhx", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-xrqm-fpgr-6hhx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41202", "CVE-2021-41202", "GHSA-xrqm-fpgr-6hhx", "PYSEC-2021-395", "PYSEC-2021-612", "PYSEC-2021-810" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g144-4yvx-xybr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3224?format=api", "vulnerability_id": "VCID-g423-bnfj-kybz", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41224", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05349", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41224" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-633.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-633.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-831.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-831.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-416.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-416.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/67bfd9feeecfb3c61d80f0e46d89c170fbee682b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/67bfd9feeecfb3c61d80f0e46d89c170fbee682b" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rg3m-hqc5-344v", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rg3m-hqc5-344v" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41224", "reference_id": "CVE-2021-41224", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41224" }, { "reference_url": "https://github.com/advisories/GHSA-rg3m-hqc5-344v", "reference_id": "GHSA-rg3m-hqc5-344v", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rg3m-hqc5-344v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41224", "CVE-2021-41224", "GHSA-rg3m-hqc5-344v", "PYSEC-2021-416", "PYSEC-2021-633", "PYSEC-2021-831" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g423-bnfj-kybz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8268?format=api", "vulnerability_id": "VCID-g8er-52ns-j7b1", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ReverseSequence` does not fully validate the value of `batch_dim` and can result in a heap OOB read. There is a check to make sure the value of `batch_dim` does not go over the rank of the input, but there is no check for negative values. Negative dimensions are allowed in some cases to mimic Python's negative indexing (i.e., indexing from the end of the array), however if the value is too negative then the implementation of `Dim` would access elements before the start of an array. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21728", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.78127", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21728" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-52.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-52.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-107.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-107.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/framework/shape_inference.h#L415-L428", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:32Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/framework/shape_inference.h#L415-L428" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/ops/array_ops.cc#L1636-L1671", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:32Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/ops/array_ops.cc#L1636-L1671" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/37c01fb5e25c3d80213060460196406c43d31995", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:32Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/37c01fb5e25c3d80213060460196406c43d31995" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6gmv-pjp9-p8w8", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:32Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6gmv-pjp9-p8w8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21728", "reference_id": "CVE-2022-21728", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21728" }, { "reference_url": "https://github.com/advisories/GHSA-6gmv-pjp9-p8w8", "reference_id": "GHSA-6gmv-pjp9-p8w8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6gmv-pjp9-p8w8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21728", "CVE-2022-21728", "GHSA-6gmv-pjp9-p8w8", "PYSEC-2022-107", "PYSEC-2022-52" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g8er-52ns-j7b1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8297?format=api", "vulnerability_id": "VCID-g8ts-ghhv-33e3", "summary": "Tensorflow is an Open Source Machine Learning Framework. During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23580", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.5366", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23580" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-89.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-89.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-144.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-144.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.cc#L788-L790", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:27Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.cc#L788-L790" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/1361fb7e29449629e1df94d44e0427ebec8c83c7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:27Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/1361fb7e29449629e1df94d44e0427ebec8c83c7" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-627q-g293-49q7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:27Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-627q-g293-49q7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23580", "reference_id": "CVE-2022-23580", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23580" }, { "reference_url": "https://github.com/advisories/GHSA-627q-g293-49q7", "reference_id": "GHSA-627q-g293-49q7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-627q-g293-49q7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23580", "CVE-2022-23580", "GHSA-627q-g293-49q7", "PYSEC-2022-144", "PYSEC-2022-89" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g8ts-ghhv-33e3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3238?format=api", "vulnerability_id": "VCID-gbft-tx74-wkhf", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41210", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05349", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41210" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-619.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-619.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-817.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-817.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-402.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-402.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41210", "reference_id": "CVE-2021-41210", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41210" }, { "reference_url": "https://github.com/advisories/GHSA-m342-ff57-4jcc", "reference_id": "GHSA-m342-ff57-4jcc", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-m342-ff57-4jcc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41210", "CVE-2021-41210", "GHSA-m342-ff57-4jcc", "PYSEC-2021-402", "PYSEC-2021-619", "PYSEC-2021-817" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gbft-tx74-wkhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8278?format=api", "vulnerability_id": "VCID-gg98-zkw8-5ben", "summary": "Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure it is valid. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44623", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21725" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-49.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-49.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-104.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-104.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/ffa202a17ab7a4a10182b746d230ea66f021fe16/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L189-L198", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:17Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/ffa202a17ab7a4a10182b746d230ea66f021fe16/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L189-L198" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/3218043d6d3a019756607643cf65574fbfef5d7a", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:17Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/3218043d6d3a019756607643cf65574fbfef5d7a" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v3f7-j968-4h5f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:17Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v3f7-j968-4h5f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21725", "reference_id": "CVE-2022-21725", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21725" }, { "reference_url": "https://github.com/advisories/GHSA-v3f7-j968-4h5f", "reference_id": "GHSA-v3f7-j968-4h5f", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v3f7-j968-4h5f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21725", "CVE-2022-21725", "GHSA-v3f7-j968-4h5f", "PYSEC-2022-104", "PYSEC-2022-49" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gg98-zkw8-5ben" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8303?format=api", "vulnerability_id": "VCID-hujj-6vv2-u3c2", "summary": "Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that any binary op would trigger `CHECK` failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the `dtype` no longer matches the `dtype` expected by the op. In that case, calling the templated binary operator for the binary op would receive corrupted data, due to the type confusion involved. If `Tin` and `Tout` don't match the type of data in `out` and `input_*` tensors then `flat<*>` would interpret it wrongly. In most cases, this would be a silent failure, but we have noticed scenarios where this results in a `CHECK` crash, hence a denial of service. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23583", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52084", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23583" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-92.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-92.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-147.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-147.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/cwise_ops_common.h#L88-L137", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:02Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/cwise_ops_common.h#L88-L137" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/a7c02f1a9bbc35473969618a09ee5f9f5d3e52d9", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:02Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/a7c02f1a9bbc35473969618a09ee5f9f5d3e52d9" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gjqc-q9g6-q2j3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:02Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gjqc-q9g6-q2j3" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23583", "reference_id": "CVE-2022-23583", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23583" }, { "reference_url": "https://github.com/advisories/GHSA-gjqc-q9g6-q2j3", "reference_id": "GHSA-gjqc-q9g6-q2j3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gjqc-q9g6-q2j3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23583", "CVE-2022-23583", "GHSA-gjqc-q9g6-q2j3", "PYSEC-2022-147", "PYSEC-2022-92" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hujj-6vv2-u3c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8309?format=api", "vulnerability_id": "VCID-jdud-ufqp-4yg5", "summary": "Tensorflow is an Open Source Machine Learning Framework. The `GraphDef` format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a `GraphDef` containing a fragment such as the following can be consumed when loading a `SavedModel`. This would result in a stack overflow during execution as resolving each `NodeDef` means resolving the function itself and its nodes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23591", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56558", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23591" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-100.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-100.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-155.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-155.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/448a16182065bd08a202d9057dd8ca541e67996c", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:48Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/448a16182065bd08a202d9057dd8ca541e67996c" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-247x-2f9f-5wp7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:48Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-247x-2f9f-5wp7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23591", "reference_id": "CVE-2022-23591", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23591" }, { "reference_url": "https://github.com/advisories/GHSA-247x-2f9f-5wp7", "reference_id": "GHSA-247x-2f9f-5wp7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-247x-2f9f-5wp7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23591", "CVE-2022-23591", "GHSA-247x-2f9f-5wp7", "PYSEC-2022-100", "PYSEC-2022-155" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jdud-ufqp-4yg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3232?format=api", "vulnerability_id": "VCID-kupu-frrt-pqen", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41216", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0578", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41216" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-625.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-625.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-823.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-823.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-408.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-408.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/ops/array_ops.cc#L121-L185", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/ops/array_ops.cc#L121-L185" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/c79ba87153ee343401dbe9d1954d7f79e521eb14", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/c79ba87153ee343401dbe9d1954d7f79e521eb14" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3ff2-r28g-w7h9", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3ff2-r28g-w7h9" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41216", "reference_id": "CVE-2021-41216", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41216" }, { "reference_url": "https://github.com/advisories/GHSA-3ff2-r28g-w7h9", "reference_id": "GHSA-3ff2-r28g-w7h9", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-3ff2-r28g-w7h9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41216", "CVE-2021-41216", "GHSA-3ff2-r28g-w7h9", "PYSEC-2021-408", "PYSEC-2021-625", "PYSEC-2021-823" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kupu-frrt-pqen" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8279?format=api", "vulnerability_id": "VCID-ky4u-eny7-33fy", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `UnravelIndex` is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21729", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44623", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21729" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-53.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-53.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-108.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-108.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/unravel_index_op.cc#L36-L135", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:16Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/unravel_index_op.cc#L36-L135" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/58b34c6c8250983948b5a781b426f6aa01fd47af", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:16Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/58b34c6c8250983948b5a781b426f6aa01fd47af" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-34f9-hjfq-rr8j", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:16Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-34f9-hjfq-rr8j" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21729", "reference_id": "CVE-2022-21729", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21729" }, { "reference_url": "https://github.com/advisories/GHSA-34f9-hjfq-rr8j", "reference_id": "GHSA-34f9-hjfq-rr8j", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-34f9-hjfq-rr8j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21729", "CVE-2022-21729", "GHSA-34f9-hjfq-rr8j", "PYSEC-2022-108", "PYSEC-2022-53" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ky4u-eny7-33fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8298?format=api", "vulnerability_id": "VCID-m4na-tgrp-d7fk", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateOutputSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number of dimensions in `output_shape.dim()` or just a small number of dimensions being large enough to cause an overflow in the multiplication. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23576", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44623", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23576" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-85.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-85.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-140.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-140.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L1598-L1617", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:40Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L1598-L1617" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/b9bd6cfd1c50e6807846af9a86f9b83cafc9c8ae", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:40Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/b9bd6cfd1c50e6807846af9a86f9b83cafc9c8ae" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wm93-f238-7v37", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:40Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wm93-f238-7v37" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23576", "reference_id": "CVE-2022-23576", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23576" }, { "reference_url": "https://github.com/advisories/GHSA-wm93-f238-7v37", "reference_id": "GHSA-wm93-f238-7v37", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wm93-f238-7v37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23576", "CVE-2022-23576", "GHSA-wm93-f238-7v37", "PYSEC-2022-140", "PYSEC-2022-85" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m4na-tgrp-d7fk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8291?format=api", "vulnerability_id": "VCID-mtqg-yga8-eqeu", "summary": "Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `IsSimplifiableReshape` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23581", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00476", "scoring_system": "epss", "scoring_elements": "0.65178", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23581" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-90.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-90.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-145.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-145.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1687-L1742", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1687-L1742" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/1fb27733f943295d874417630edd3b38b34ce082", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/1fb27733f943295d874417630edd3b38b34ce082" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/240655511cd3e701155f944a972db71b6c0b1bb6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/240655511cd3e701155f944a972db71b6c0b1bb6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/ebc1a2ffe5a7573d905e99bd0ee3568ee07c12c1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/ebc1a2ffe5a7573d905e99bd0ee3568ee07c12c1" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq86-3f29-px2c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq86-3f29-px2c" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23581", "reference_id": "CVE-2022-23581", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23581" }, { "reference_url": "https://github.com/advisories/GHSA-fq86-3f29-px2c", "reference_id": "GHSA-fq86-3f29-px2c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fq86-3f29-px2c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23581", "CVE-2022-23581", "GHSA-fq86-3f29-px2c", "PYSEC-2022-145", "PYSEC-2022-90" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mtqg-yga8-eqeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3245?format=api", "vulnerability_id": "VCID-myjm-gbbc-qucg", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41203", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05388", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41203" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-613.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-613.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-811.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-811.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-396.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-396.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/368af875869a204b4ac552b9ddda59f6a46a56ec", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/368af875869a204b4ac552b9ddda59f6a46a56ec" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/abcced051cb1bd8fb05046ac3b6023a7ebcc4578", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/abcced051cb1bd8fb05046ac3b6023a7ebcc4578" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/b619c6f865715ca3b15ef1842b5b95edbaa710ad", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/b619c6f865715ca3b15ef1842b5b95edbaa710ad" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e8dc63704c88007ee4713076605c90188d66f3d2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e8dc63704c88007ee4713076605c90188d66f3d2" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41203", "reference_id": "CVE-2021-41203", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41203" }, { "reference_url": "https://github.com/advisories/GHSA-7pxj-m4jf-r6h2", "reference_id": "GHSA-7pxj-m4jf-r6h2", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7pxj-m4jf-r6h2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41203", "CVE-2021-41203", "GHSA-7pxj-m4jf-r6h2", "PYSEC-2021-396", "PYSEC-2021-613", "PYSEC-2021-811" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-myjm-gbbc-qucg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8301?format=api", "vulnerability_id": "VCID-n62z-1akp-ebck", "summary": "Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After `png::CommonFreeDecode(&decode)` gets called, the values of `decode.width` and `decode.height` are in an unspecified state. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23584", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.4871", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23584" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-93.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-93.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-148.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-148.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/image/decode_image_op.cc#L339-L346", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:15Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/image/decode_image_op.cc#L339-L346" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e746adbfcfee15e9cfdb391ff746c765b99bdf9b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:15Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e746adbfcfee15e9cfdb391ff746c765b99bdf9b" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-24x4-6qmh-88qg", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:15Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-24x4-6qmh-88qg" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23584", "reference_id": "CVE-2022-23584", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23584" }, { "reference_url": "https://github.com/advisories/GHSA-24x4-6qmh-88qg", "reference_id": "GHSA-24x4-6qmh-88qg", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-24x4-6qmh-88qg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23584", "CVE-2022-23584", "GHSA-24x4-6qmh-88qg", "PYSEC-2022-148", "PYSEC-2022-93" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n62z-1akp-ebck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3226?format=api", "vulnerability_id": "VCID-nfr9-fgdn-4kh8", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41222", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04734", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41222" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-631.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-631.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-829.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-829.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-414.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-414.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41222", "reference_id": "CVE-2021-41222", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41222" }, { "reference_url": "https://github.com/advisories/GHSA-cpf4-wx82-gxp6", "reference_id": "GHSA-cpf4-wx82-gxp6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-cpf4-wx82-gxp6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41222", "CVE-2021-41222", "GHSA-cpf4-wx82-gxp6", "PYSEC-2021-414", "PYSEC-2021-631", "PYSEC-2021-829" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nfr9-fgdn-4kh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8315?format=api", "vulnerability_id": "VCID-ngkq-s26c-qkfj", "summary": "Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for the same malicious alteration of a `SavedModel` file (fixing the first one would trigger the same dereference in the second place). First, during constant folding, the `GraphDef` might not have the required nodes for the binary operation. If a node is missing, the correposning `mul_*child` would be null, and the dereference in the subsequent line would be incorrect. We have a similar issue during `IsIdentityConsumingSwitch`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23589", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53639", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23589" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-98.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-98.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-153.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-153.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/mutable_graph_view.cc#L59-L74", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:53Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/mutable_graph_view.cc#L59-L74" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L3466-L3497", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:53Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L3466-L3497" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/045deec1cbdebb27d817008ad5df94d96a08b1bf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:53Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/045deec1cbdebb27d817008ad5df94d96a08b1bf" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/0a365c029e437be0349c31f8d4c9926b69fa3fa1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:53Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/0a365c029e437be0349c31f8d4c9926b69fa3fa1" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9px9-73fg-3fqp", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:53Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9px9-73fg-3fqp" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23589", "reference_id": "CVE-2022-23589", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23589" }, { "reference_url": "https://github.com/advisories/GHSA-9px9-73fg-3fqp", "reference_id": "GHSA-9px9-73fg-3fqp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9px9-73fg-3fqp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23589", "CVE-2022-23589", "GHSA-9px9-73fg-3fqp", "PYSEC-2022-153", "PYSEC-2022-98" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ngkq-s26c-qkfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8317?format=api", "vulnerability_id": "VCID-pe9p-a7nn-8bhj", "summary": "Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that `TensorByteSize` would trigger `CHECK` failures. `TensorShape` constructor throws a `CHECK`-fail if shape is partial or has a number of elements that would overflow the size of an `int`. The `PartialTensorShape` constructor instead does not cause a `CHECK`-abort if the shape is partial, which is exactly what this function needs to be able to return `-1`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23582", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44623", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23582" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-91.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-91.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-146.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-146.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/attr_value_util.cc#L46-L50", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/attr_value_util.cc#L46-L50" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/c2426bba00a01de6913738df8fa78e0215fcce02", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/c2426bba00a01de6913738df8fa78e0215fcce02" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4j82-5ccr-4r8v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4j82-5ccr-4r8v" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23582", "reference_id": "CVE-2022-23582", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23582" }, { "reference_url": "https://github.com/advisories/GHSA-4j82-5ccr-4r8v", "reference_id": "GHSA-4j82-5ccr-4r8v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4j82-5ccr-4r8v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23582", "CVE-2022-23582", "GHSA-4j82-5ccr-4r8v", "PYSEC-2022-146", "PYSEC-2022-91" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pe9p-a7nn-8bhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8293?format=api", "vulnerability_id": "VCID-q4zv-syab-bbh8", "summary": "Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in `TfLiteIntArrayCreate`. The `TfLiteIntArrayGetSizeInBytes` returns an `int` instead of a `size_t. An attacker can control model inputs such that `computed_size` overflows the size of `int` datatype. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23558", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.6033", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23558" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-67.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-67.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-122.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-122.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/c/common.c#L24-L33", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:49:53Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/c/common.c#L24-L33" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/c/common.c#L53-L60", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:49:53Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/c/common.c#L53-L60" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/a1e1511dde36b3f8aa27a6ec630838e7ea40e091", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:49:53Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/a1e1511dde36b3f8aa27a6ec630838e7ea40e091" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9gwq-6cwj-47h3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:49:53Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9gwq-6cwj-47h3" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23558", "reference_id": "CVE-2022-23558", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23558" }, { "reference_url": "https://github.com/advisories/GHSA-9gwq-6cwj-47h3", "reference_id": "GHSA-9gwq-6cwj-47h3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9gwq-6cwj-47h3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23558", "CVE-2022-23558", "GHSA-9gwq-6cwj-47h3", "PYSEC-2022-122", "PYSEC-2022-67" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q4zv-syab-bbh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3251?format=api", "vulnerability_id": "VCID-qdnt-cg25-5kdx", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41197", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06691", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41197" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-607.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-607.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-805.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-805.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-390.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-390.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/7c1692bd417eb4f9b33ead749a41166d6080af85", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/7c1692bd417eb4f9b33ead749a41166d6080af85" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/a871989d7b6c18cdebf2fb4f0e5c5b62fbc19edf", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/a871989d7b6c18cdebf2fb4f0e5c5b62fbc19edf" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/d81b1351da3e8c884ff836b64458d94e4a157c15", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/d81b1351da3e8c884ff836b64458d94e4a157c15" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46890", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/issues/46890" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/51908", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/issues/51908" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-prcg-wp5q-rv7p", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-prcg-wp5q-rv7p" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41197", "reference_id": "CVE-2021-41197", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41197" }, { "reference_url": "https://github.com/advisories/GHSA-prcg-wp5q-rv7p", "reference_id": "GHSA-prcg-wp5q-rv7p", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-prcg-wp5q-rv7p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41197", "CVE-2021-41197", "GHSA-prcg-wp5q-rv7p", "PYSEC-2021-390", "PYSEC-2021-607", "PYSEC-2021-805" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdnt-cg25-5kdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8304?format=api", "vulnerability_id": "VCID-qgr6-bqrc-puhs", "summary": "Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. Users are advised to upgrade as soon as possible.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23560", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53147", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23560" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-69.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-69.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-124.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-124.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/kernels/internal/utils/sparsity_format_converter.cc#L252-L293", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:44Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/kernels/internal/utils/sparsity_format_converter.cc#L252-L293" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/6364463d6f5b6254cac3d6aedf999b6a96225038", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:44Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/6364463d6f5b6254cac3d6aedf999b6a96225038" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4hvf-hxvg-f67v", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:44Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4hvf-hxvg-f67v" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23560", "reference_id": "CVE-2022-23560", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23560" }, { "reference_url": "https://github.com/advisories/GHSA-4hvf-hxvg-f67v", "reference_id": "GHSA-4hvf-hxvg-f67v", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4hvf-hxvg-f67v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23560", "CVE-2022-23560", "GHSA-4hvf-hxvg-f67v", "PYSEC-2022-124", "PYSEC-2022-69" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qgr6-bqrc-puhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3252?format=api", "vulnerability_id": "VCID-qvnc-gzf6-y3f3", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41196", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15532", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41196" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-606.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-606.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-804.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-804.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-389.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-389.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/12b1ff82b3f26ff8de17e58703231d5a02ef1b8b", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/12b1ff82b3f26ff8de17e58703231d5a02ef1b8b" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/51936", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/issues/51936" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41196", "reference_id": "CVE-2021-41196", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41196" }, { "reference_url": "https://github.com/advisories/GHSA-m539-j985-hcr8", "reference_id": "GHSA-m539-j985-hcr8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m539-j985-hcr8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41196", "CVE-2021-41196", "GHSA-m539-j985-hcr8", "PYSEC-2021-389", "PYSEC-2021-606", "PYSEC-2021-804" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qvnc-gzf6-y3f3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8274?format=api", "vulnerability_id": "VCID-qxqd-f1bw-y7h4", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `ThreadPoolHandle` can be used to trigger a denial of service attack by allocating too much memory. This is because the `num_threads` argument is only checked to not be negative, but there is no upper bound on its value. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21732", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44623", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21732" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-56.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-56.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-111.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-111.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/data/experimental/threadpool_dataset_op.cc#L79-L135", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T17:14:02Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/data/experimental/threadpool_dataset_op.cc#L79-L135" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e3749a6d5d1e8d11806d4a2e9cc3123d1a90b75e", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T17:14:02Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e3749a6d5d1e8d11806d4a2e9cc3123d1a90b75e" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c582-c96p-r5cq", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T17:14:02Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c582-c96p-r5cq" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21732", "reference_id": "CVE-2022-21732", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21732" }, { "reference_url": "https://github.com/advisories/GHSA-c582-c96p-r5cq", "reference_id": "GHSA-c582-c96p-r5cq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c582-c96p-r5cq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21732", "CVE-2022-21732", "GHSA-c582-c96p-r5cq", "PYSEC-2022-111", "PYSEC-2022-56" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxqd-f1bw-y7h4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3230?format=api", "vulnerability_id": "VCID-rkx2-5nyj-bbhu", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04734", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41218" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-627.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-627.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-825.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-825.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-410.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-410.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/a8ad3e5e79c75f36edb81e0ba3f3c0c5442aeddc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/a8ad3e5e79c75f36edb81e0ba3f3c0c5442aeddc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9crf-c6qr-r273", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9crf-c6qr-r273" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41218", "reference_id": "CVE-2021-41218", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41218" }, { "reference_url": "https://github.com/advisories/GHSA-9crf-c6qr-r273", "reference_id": "GHSA-9crf-c6qr-r273", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-9crf-c6qr-r273" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41218", "CVE-2021-41218", "GHSA-9crf-c6qr-r273", "PYSEC-2021-410", "PYSEC-2021-627", "PYSEC-2021-825" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rkx2-5nyj-bbhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3235?format=api", "vulnerability_id": "VCID-rr2a-8jrx-6ue8", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41213", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13618", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41213" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-622.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-622.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-820.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-820.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-405.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-405.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41213", "reference_id": "CVE-2021-41213", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41213" }, { "reference_url": "https://github.com/advisories/GHSA-h67m-xg8f-fxcf", "reference_id": "GHSA-h67m-xg8f-fxcf", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-h67m-xg8f-fxcf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41213", "CVE-2021-41213", "GHSA-h67m-xg8f-fxcf", "PYSEC-2021-405", "PYSEC-2021-622", "PYSEC-2021-820" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rr2a-8jrx-6ue8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8271?format=api", "vulnerability_id": "VCID-rsau-jvcr-uudd", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseTensorSliceDataset` has an undefined behavior: under certain condition it can be made to dereference a `nullptr` value. The 3 input arguments to `SparseTensorSliceDataset` represent a sparse tensor. However, there are some preconditions that these arguments must satisfy but these are not validated in the implementation. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21736", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56243", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21736" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-60.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-60.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-115.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-115.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L227-L292", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:19Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L227-L292" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/965b97e4a9650495cda5a8c210ef6684b4b9eceb", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:19Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/965b97e4a9650495cda5a8c210ef6684b4b9eceb" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pfjj-m3jj-9jc9", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:19Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pfjj-m3jj-9jc9" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21736", "reference_id": "CVE-2022-21736", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21736" }, { "reference_url": "https://github.com/advisories/GHSA-pfjj-m3jj-9jc9", "reference_id": "GHSA-pfjj-m3jj-9jc9", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pfjj-m3jj-9jc9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21736", "CVE-2022-21736", "GHSA-pfjj-m3jj-9jc9", "PYSEC-2022-115", "PYSEC-2022-60" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rsau-jvcr-uudd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8313?format=api", "vulnerability_id": "VCID-rt4b-xxm6-xubs", "summary": "Tensorflow is an Open Source Machine Learning Framework. A `GraphDef` from a TensorFlow `SavedModel` can be maliciously altered to cause a TensorFlow process to crash due to encountering a `StatusOr` value that is an error and forcibly extracting the value from it. We have patched the issue in multiple GitHub commits and these will be included in TensorFlow 2.8.0 and TensorFlow 2.7.1, as both are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23590", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47086", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23590" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-99.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-99.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-154.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-154.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L560-L567", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L560-L567" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/955059813cc325dc1db5e2daa6221271406d4439", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/955059813cc325dc1db5e2daa6221271406d4439" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pqrv-8r2f-7278", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pqrv-8r2f-7278" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23590", "reference_id": "CVE-2022-23590", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23590" }, { "reference_url": "https://github.com/advisories/GHSA-pqrv-8r2f-7278", "reference_id": "GHSA-pqrv-8r2f-7278", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pqrv-8r2f-7278" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23590", "CVE-2022-23590", "GHSA-pqrv-8r2f-7278", "PYSEC-2022-154", "PYSEC-2022-99" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rt4b-xxm6-xubs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3223?format=api", "vulnerability_id": "VCID-rujq-67w1-u3g7", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41225", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.05281", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41225" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-634.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-634.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-832.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-832.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-417.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-417.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41225", "reference_id": "CVE-2021-41225", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41225" }, { "reference_url": "https://github.com/advisories/GHSA-7r94-xv9v-63jw", "reference_id": "GHSA-7r94-xv9v-63jw", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7r94-xv9v-63jw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41225", "CVE-2021-41225", "GHSA-7r94-xv9v-63jw", "PYSEC-2021-417", "PYSEC-2021-634", "PYSEC-2021-832" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rujq-67w1-u3g7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3233?format=api", "vulnerability_id": "VCID-sb7m-pngm-5fbj", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41215", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04734", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41215" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-624.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-624.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-822.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-822.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-407.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-407.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41215", "reference_id": "CVE-2021-41215", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41215" }, { "reference_url": "https://github.com/advisories/GHSA-x3v8-c8qx-3j3r", "reference_id": "GHSA-x3v8-c8qx-3j3r", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-x3v8-c8qx-3j3r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41215", "CVE-2021-41215", "GHSA-x3v8-c8qx-3j3r", "PYSEC-2021-407", "PYSEC-2021-624", "PYSEC-2021-822" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sb7m-pngm-5fbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3242?format=api", "vulnerability_id": "VCID-sf59-u7jt-4bd5", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01184", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41206" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-845.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-845.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-847.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-847.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-843.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-843.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41206", "reference_id": "CVE-2021-41206", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41206" }, { "reference_url": "https://github.com/advisories/GHSA-pgcq-h79j-2f69", "reference_id": "GHSA-pgcq-h79j-2f69", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-pgcq-h79j-2f69" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" } ], "aliases": [ "BIT-tensorflow-2021-41206", "CVE-2021-41206", "GHSA-pgcq-h79j-2f69", "PYSEC-2021-843", "PYSEC-2021-845", "PYSEC-2021-847" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sf59-u7jt-4bd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8314?format=api", "vulnerability_id": "VCID-ugta-nt2s-27fk", "summary": "Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the `DCHECK` function however, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the `ValueOrDie` line. This results in an assertion failure as `ret` contains an error `Status`, not a value. In the second case we also get a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23572", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66571", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23572" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-81.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-81.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-136.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-136.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.cc#L168-L174", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:10Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.cc#L168-L174" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/cb164786dc891ea11d3a900e90367c339305dc7b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:10Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/cb164786dc891ea11d3a900e90367c339305dc7b" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rww7-2gpw-fv6j", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:50:10Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rww7-2gpw-fv6j" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23572", "reference_id": "CVE-2022-23572", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23572" }, { "reference_url": "https://github.com/advisories/GHSA-rww7-2gpw-fv6j", "reference_id": "GHSA-rww7-2gpw-fv6j", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rww7-2gpw-fv6j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23572", "CVE-2022-23572", "GHSA-rww7-2gpw-fv6j", "PYSEC-2022-136", "PYSEC-2022-81" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ugta-nt2s-27fk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8319?format=api", "vulnerability_id": "VCID-v2nf-1526-nkbp", "summary": "Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a `SavedModel` on disk such that `AttrDef`s of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23565", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30304", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23565" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-74.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-74.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-129.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-129.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/c2b31ff2d3151acb230edc3f5b1832d2c713a9e0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/c2b31ff2d3151acb230edc3f5b1832d2c713a9e0" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4v5p-v5h9-6xjx", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4v5p-v5h9-6xjx" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23565", "reference_id": "CVE-2022-23565", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23565" }, { "reference_url": "https://github.com/advisories/GHSA-4v5p-v5h9-6xjx", "reference_id": "GHSA-4v5p-v5h9-6xjx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4v5p-v5h9-6xjx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23565", "CVE-2022-23565", "GHSA-4v5p-v5h9-6xjx", "PYSEC-2022-129", "PYSEC-2022-74" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v2nf-1526-nkbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8299?format=api", "vulnerability_id": "VCID-vfgz-fss4-wbgu", "summary": "Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's `SpecializeType` which results in heap OOB read/write. Due to a typo, `arg` is initialized to the `i`th mutable argument in a loop where the loop index is `j`. Hence it is possible to assign to `arg` from outside the vector of arguments. Since this is a mutable proto value, it allows both read and write to outside of bounds data. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23574", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53147", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23574" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-83.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-83.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-138.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-138.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/full_type_util.cc#L81-L102", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:49Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/full_type_util.cc#L81-L102" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/0657c83d08845cc434175934c642299de2c0f042", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:49Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/0657c83d08845cc434175934c642299de2c0f042" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-77gp-3h4r-6428", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:44:49Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-77gp-3h4r-6428" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23574", "reference_id": "CVE-2022-23574", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23574" }, { "reference_url": "https://github.com/advisories/GHSA-77gp-3h4r-6428", "reference_id": "GHSA-77gp-3h4r-6428", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-77gp-3h4r-6428" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23574", "CVE-2022-23574", "GHSA-77gp-3h4r-6428", "PYSEC-2022-138", "PYSEC-2022-83" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vfgz-fss4-wbgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8306?format=api", "vulnerability_id": "VCID-vgv7-xc3c-1fb3", "summary": "Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23564", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30304", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23564" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-73.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-73.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-128.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-128.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/14fea662350e7c26eb5fe1be2ac31704e5682ee6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:11:10Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/14fea662350e7c26eb5fe1be2ac31704e5682ee6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8rcj-c8pj-v3m3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:11:10Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8rcj-c8pj-v3m3" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23564", "reference_id": "CVE-2022-23564", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23564" }, { "reference_url": "https://github.com/advisories/GHSA-8rcj-c8pj-v3m3", "reference_id": "GHSA-8rcj-c8pj-v3m3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8rcj-c8pj-v3m3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23564", "CVE-2022-23564", "GHSA-8rcj-c8pj-v3m3", "PYSEC-2022-128", "PYSEC-2022-73" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vgv7-xc3c-1fb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8270?format=api", "vulnerability_id": "VCID-vnn5-y8ez-rub9", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `AddManySparseToTensorsMap` is vulnerable to an integer overflow which results in a `CHECK`-fail when building new `TensorShape` objects (so, an assert failure based denial of service). We are missing some validation on the shapes of the input tensors as well as directly constructing a large `TensorShape` with user-provided dimensions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23568", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53888", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23568" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-77.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-77.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-132.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-132.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/sparse_tensors_map_ops.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:24Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/sparse_tensors_map_ops.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/a68f68061e263a88321c104a6c911fe5598050a8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:24Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/a68f68061e263a88321c104a6c911fe5598050a8" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/b51b82fe65ebace4475e3c54eb089c18a4403f1c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:24Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/b51b82fe65ebace4475e3c54eb089c18a4403f1c" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6445-fm66-fvq2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:47:24Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6445-fm66-fvq2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23568", "reference_id": "CVE-2022-23568", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23568" }, { "reference_url": "https://github.com/advisories/GHSA-6445-fm66-fvq2", "reference_id": "GHSA-6445-fm66-fvq2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6445-fm66-fvq2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23568", "CVE-2022-23568", "GHSA-6445-fm66-fvq2", "PYSEC-2022-132", "PYSEC-2022-77" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vnn5-y8ez-rub9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8282?format=api", "vulnerability_id": "VCID-vpyd-he5n-b3a4", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `QuantizedMaxPool` has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44697", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21739" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-63.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-63.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-118.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-118.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/quantized_pooling_ops.cc#L114-L130", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/quantized_pooling_ops.cc#L114-L130" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/53b0dd6dc5957652f35964af16b892ec9af4a559", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/53b0dd6dc5957652f35964af16b892ec9af4a559" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3mw4-6rj6-74g5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3mw4-6rj6-74g5" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21739", "reference_id": "CVE-2022-21739", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21739" }, { "reference_url": "https://github.com/advisories/GHSA-3mw4-6rj6-74g5", "reference_id": "GHSA-3mw4-6rj6-74g5", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3mw4-6rj6-74g5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21739", "CVE-2022-21739", "GHSA-3mw4-6rj6-74g5", "PYSEC-2022-118", "PYSEC-2022-63" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vpyd-he5n-b3a4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8288?format=api", "vulnerability_id": "VCID-vqxg-mnz4-13cg", "summary": "Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a `DCHECK`. However, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the dereferencing of the null pointer, whereas in the second case it results in a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23570", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66643", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23570" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-79.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-79.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-134.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-134.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/full_type_util.cc#L104-L106", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:49:57Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/full_type_util.cc#L104-L106" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8a513cec4bec15961fbfdedcaa5376522980455c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:49:57Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8a513cec4bec15961fbfdedcaa5376522980455c" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9p77-mmrw-69c7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:49:57Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9p77-mmrw-69c7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23570", "reference_id": "CVE-2022-23570", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23570" }, { "reference_url": "https://github.com/advisories/GHSA-9p77-mmrw-69c7", "reference_id": "GHSA-9p77-mmrw-69c7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9p77-mmrw-69c7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23570", "CVE-2022-23570", "GHSA-9p77-mmrw-69c7", "PYSEC-2022-134", "PYSEC-2022-79" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vqxg-mnz4-13cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3240?format=api", "vulnerability_id": "VCID-w2ns-kqmv-xfan", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41208", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01882", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41208" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-617.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-617.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-815.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-815.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-400.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-400.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/5c8c9a8bfe750f9743d0c859bae112060b216f5c", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/5c8c9a8bfe750f9743d0c859bae112060b216f5c" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41208", "reference_id": "CVE-2021-41208", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41208" }, { "reference_url": "https://github.com/advisories/GHSA-57wx-m983-2f88", "reference_id": "GHSA-57wx-m983-2f88", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-57wx-m983-2f88" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41208", "CVE-2021-41208", "GHSA-57wx-m983-2f88", "PYSEC-2021-400", "PYSEC-2021-617", "PYSEC-2021-815" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w2ns-kqmv-xfan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8305?format=api", "vulnerability_id": "VCID-x2t2-4sa6-qygs", "summary": "Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the linked list used by the memory allocator. This can be leveraged for an arbitrary write primitive under certain conditions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23561", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38678", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23561" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-70.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-70.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-125.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-125.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/6c0b2b70eeee588591680f5b7d5d38175fd7cdf6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/6c0b2b70eeee588591680f5b7d5d38175fd7cdf6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c78-vcq7-7vxq", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c78-vcq7-7vxq" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23561", "reference_id": "CVE-2022-23561", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23561" }, { "reference_url": "https://github.com/advisories/GHSA-9c78-vcq7-7vxq", "reference_id": "GHSA-9c78-vcq7-7vxq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9c78-vcq7-7vxq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23561", "CVE-2022-23561", "GHSA-9c78-vcq7-7vxq", "PYSEC-2022-125", "PYSEC-2022-70" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x2t2-4sa6-qygs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8295?format=api", "vulnerability_id": "VCID-x5x3-2cyz-xbhe", "summary": "Tensorflow is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of `ImmutableExecutorState::Initialize`. Here, we set `item->kernel` to `nullptr` but it is a simple `OpKernel*` pointer so the memory that was previously allocated to it would leak. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23578", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.4199", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23578" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-87.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-87.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-142.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-142.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/common_runtime/immutable_executor_state.cc#L84-L262", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/common_runtime/immutable_executor_state.cc#L84-L262" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/c79ccba517dbb1a0ccb9b01ee3bd2a63748b60dd", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/c79ccba517dbb1a0ccb9b01ee3bd2a63748b60dd" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8r7c-3cm2-3h8f", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8r7c-3cm2-3h8f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23578", "reference_id": "CVE-2022-23578", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23578" }, { "reference_url": "https://github.com/advisories/GHSA-8r7c-3cm2-3h8f", "reference_id": "GHSA-8r7c-3cm2-3h8f", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8r7c-3cm2-3h8f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-23578", "CVE-2022-23578", "GHSA-8r7c-3cm2-3h8f", "PYSEC-2022-142", "PYSEC-2022-87" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x5x3-2cyz-xbhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3247?format=api", "vulnerability_id": "VCID-xbt8-r95u-sqbu", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41201", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06636", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41201" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-611.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-611.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-809.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-809.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-394.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-394.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f09caa532b6e1ac8d2aa61b7832c78c5b79300c6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/f09caa532b6e1ac8d2aa61b7832c78c5b79300c6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j86v-p27c-73fm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j86v-p27c-73fm" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41201", "reference_id": "CVE-2021-41201", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41201" }, { "reference_url": "https://github.com/advisories/GHSA-j86v-p27c-73fm", "reference_id": "GHSA-j86v-p27c-73fm", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-j86v-p27c-73fm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41201", "CVE-2021-41201", "GHSA-j86v-p27c-73fm", "PYSEC-2021-394", "PYSEC-2021-611", "PYSEC-2021-809" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xbt8-r95u-sqbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3236?format=api", "vulnerability_id": "VCID-y7hx-h69v-wfcy", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41212", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05349", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41212" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-621.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-621.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-819.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-819.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-404.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-404.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41212", "reference_id": "CVE-2021-41212", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41212" }, { "reference_url": "https://github.com/advisories/GHSA-fr77-rrx3-cp7g", "reference_id": "GHSA-fr77-rrx3-cp7g", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fr77-rrx3-cp7g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23636?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-7uu3-mfan-4ue5" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xn72-z6kg-q7bp" }, { "vulnerability": "VCID-y8ed-ynrx-37af" }, { "vulnerability": "VCID-yvag-32h1-yfc5" }, { "vulnerability": "VCID-yvef-kyv2-qbea" }, { "vulnerability": "VCID-yx57-74vr-rfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.0" } ], "aliases": [ "BIT-tensorflow-2021-41212", "CVE-2021-41212", "GHSA-fr77-rrx3-cp7g", "PYSEC-2021-404", "PYSEC-2021-621", "PYSEC-2021-819" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y7hx-h69v-wfcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3253?format=api", "vulnerability_id": "VCID-yh43-ndzp-4ue9", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41195", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11785", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41195" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-844.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-844.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-846.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-846.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-842.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-842.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e9c81c1e1a9cd8dd31f4e83676cab61b60658429", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e9c81c1e1a9cd8dd31f4e83676cab61b60658429" }, { "reference_url": "https://github.com/tensorflow/tensorflow/issues/46888", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/issues/46888" }, { "reference_url": "https://github.com/tensorflow/tensorflow/pull/51733", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/pull/51733" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh" }, { "reference_url": "https://security.archlinux.org/AVG-2529", "reference_id": "AVG-2529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41195", "reference_id": "CVE-2021-41195", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41195" }, { "reference_url": "https://github.com/advisories/GHSA-cq76-mxrc-vchh", "reference_id": "GHSA-cq76-mxrc-vchh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cq76-mxrc-vchh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23632?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23633?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.1" } ], "aliases": [ "BIT-tensorflow-2021-41195", "CVE-2021-41195", "GHSA-cq76-mxrc-vchh", "PYSEC-2021-842", "PYSEC-2021-844", "PYSEC-2021-846" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yh43-ndzp-4ue9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8284?format=api", "vulnerability_id": "VCID-yvag-32h1-yfc5", "summary": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21740", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54726", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21740" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-64.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-64.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-119.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-119.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/count_ops.cc#L168-L273", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/count_ops.cc#L168-L273" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/2b7100d6cdff36aa21010a82269bc05a6d1cc74a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/2b7100d6cdff36aa21010a82269bc05a6d1cc74a" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/adbbabdb0d3abb3cdeac69e38a96de1d678b24b3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/adbbabdb0d3abb3cdeac69e38a96de1d678b24b3" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-44qp-9wwf-734r", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-44qp-9wwf-734r" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21740", "reference_id": "CVE-2022-21740", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21740" }, { "reference_url": "https://github.com/advisories/GHSA-44qp-9wwf-734r", "reference_id": "GHSA-44qp-9wwf-734r", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-44qp-9wwf-734r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25368?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25369?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rt4b-xxm6-xubs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25376?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.7.1" } ], "aliases": [ "BIT-tensorflow-2022-21740", "CVE-2022-21740", "GHSA-44qp-9wwf-734r", "PYSEC-2022-119", "PYSEC-2022-64" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yvag-32h1-yfc5" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1306?format=api", "vulnerability_id": "VCID-24nt-xz5z-nqdx", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37657", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11682", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37657" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-570.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-570.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-768.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-768.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-279.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-279.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f2a673bd34f0d64b8e40a551ac78989d16daad09", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/f2a673bd34f0d64b8e40a551ac78989d16daad09" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5xwc-mrhx-5g3m", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5xwc-mrhx-5g3m" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37657", "reference_id": "CVE-2021-37657", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37657" }, { "reference_url": "https://github.com/advisories/GHSA-5xwc-mrhx-5g3m", "reference_id": "GHSA-5xwc-mrhx-5g3m", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5xwc-mrhx-5g3m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37657", "CVE-2021-37657", "GHSA-5xwc-mrhx-5g3m", "PYSEC-2021-279", "PYSEC-2021-570", "PYSEC-2021-768" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-24nt-xz5z-nqdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1308?format=api", "vulnerability_id": "VCID-37p1-d12g-quf8", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37655", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11682", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37655" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-568.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-568.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-766.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-766.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-277.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-277.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/01cff3f986259d661103412a20745928c727326f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/01cff3f986259d661103412a20745928c727326f" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7fvx-3jfc-2cpc", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7fvx-3jfc-2cpc" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37655", "reference_id": "CVE-2021-37655", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37655" }, { "reference_url": "https://github.com/advisories/GHSA-7fvx-3jfc-2cpc", "reference_id": "GHSA-7fvx-3jfc-2cpc", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7fvx-3jfc-2cpc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37655", "CVE-2021-37655", "GHSA-7fvx-3jfc-2cpc", "PYSEC-2021-277", "PYSEC-2021-568", "PYSEC-2021-766" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-37p1-d12g-quf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1284?format=api", "vulnerability_id": "VCID-3994-kqbn-67cn", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37679", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09895", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37679" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-592.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-592.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-790.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-790.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-301.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-301.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/4e2565483d0ffcadc719bd44893fb7f609bb5f12", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/4e2565483d0ffcadc719bd44893fb7f609bb5f12" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g8wg-cjwc-xhhp", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g8wg-cjwc-xhhp" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37679", "reference_id": "CVE-2021-37679", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37679" }, { "reference_url": "https://github.com/advisories/GHSA-g8wg-cjwc-xhhp", "reference_id": "GHSA-g8wg-cjwc-xhhp", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-g8wg-cjwc-xhhp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37679", "CVE-2021-37679", "GHSA-g8wg-cjwc-xhhp", "PYSEC-2021-301", "PYSEC-2021-592", "PYSEC-2021-790" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3994-kqbn-67cn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1301?format=api", "vulnerability_id": "VCID-3ppf-jdk6-y3g8", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28398", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37662" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-575.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-575.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-773.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-773.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-284.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-284.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/429f009d2b2c09028647dd4bb7b3f6f414bbaad7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/429f009d2b2c09028647dd4bb7b3f6f414bbaad7" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/9c87c32c710d0b5b53dc6fd3bfde4046e1f7a5ad", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/9c87c32c710d0b5b53dc6fd3bfde4046e1f7a5ad" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f5cx-5wr3-5qrc", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f5cx-5wr3-5qrc" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37662", "reference_id": "CVE-2021-37662", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37662" }, { "reference_url": "https://github.com/advisories/GHSA-f5cx-5wr3-5qrc", "reference_id": "GHSA-f5cx-5wr3-5qrc", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-f5cx-5wr3-5qrc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37662", "CVE-2021-37662", "GHSA-f5cx-5wr3-5qrc", "PYSEC-2021-284", "PYSEC-2021-575", "PYSEC-2021-773" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ppf-jdk6-y3g8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1292?format=api", "vulnerability_id": "VCID-4c8e-13wm-jyc6", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37671", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.1157", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37671" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-584.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-584.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-782.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-782.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-293.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-293.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/532f5c5a547126c634fefd43bbad1dc6417678ac", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/532f5c5a547126c634fefd43bbad1dc6417678ac" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qr82-2c78-4m8h", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qr82-2c78-4m8h" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37671", "reference_id": "CVE-2021-37671", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37671" }, { "reference_url": "https://github.com/advisories/GHSA-qr82-2c78-4m8h", "reference_id": "GHSA-qr82-2c78-4m8h", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-qr82-2c78-4m8h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37671", "CVE-2021-37671", "GHSA-qr82-2c78-4m8h", "PYSEC-2021-293", "PYSEC-2021-584", "PYSEC-2021-782" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4c8e-13wm-jyc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1282?format=api", "vulnerability_id": "VCID-4fax-cv4q-9bb2", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37681", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.1157", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37681" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-594.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-594.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-792.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-792.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-303.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-303.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/svdf.cc#L300-L313", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/svdf.cc#L300-L313" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/5b048e87e4e55990dae6b547add4dae59f4e1c76", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/5b048e87e4e55990dae6b547add4dae59f4e1c76" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7xwj-5r4v-429p", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7xwj-5r4v-429p" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37681", "reference_id": "CVE-2021-37681", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37681" }, { "reference_url": "https://github.com/advisories/GHSA-7xwj-5r4v-429p", "reference_id": "GHSA-7xwj-5r4v-429p", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7xwj-5r4v-429p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37681", "CVE-2021-37681", "GHSA-7xwj-5r4v-429p", "PYSEC-2021-303", "PYSEC-2021-594", "PYSEC-2021-792" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4fax-cv4q-9bb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1302?format=api", "vulnerability_id": "VCID-55ry-uteb-7ke9", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37661", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01614", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37661" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-574.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-574.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-772.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-772.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-283.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-283.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8a84f7a2b5a2b27ecf88d25bad9ac777cd2f7992", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8a84f7a2b5a2b27ecf88d25bad9ac777cd2f7992" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf88-j2mg-cc82", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf88-j2mg-cc82" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37661", "reference_id": "CVE-2021-37661", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37661" }, { "reference_url": "https://github.com/advisories/GHSA-gf88-j2mg-cc82", "reference_id": "GHSA-gf88-j2mg-cc82", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-gf88-j2mg-cc82" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37661", "CVE-2021-37661", "GHSA-gf88-j2mg-cc82", "PYSEC-2021-283", "PYSEC-2021-574", "PYSEC-2021-772" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-55ry-uteb-7ke9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1285?format=api", "vulnerability_id": "VCID-58c5-tv8t-93fq", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37678", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01023", "scoring_system": "epss", "scoring_elements": "0.77556", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37678" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-591.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-591.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-789.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-789.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-300.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-300.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/1df5a69e9f1a18a937e7907223066e606bf466b9", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/1df5a69e9f1a18a937e7907223066e606bf466b9" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/23d6383eb6c14084a8fc3bdf164043b974818012", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/23d6383eb6c14084a8fc3bdf164043b974818012" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8e47a685785bef8f81bcb996048921dfde08a9ab", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8e47a685785bef8f81bcb996048921dfde08a9ab" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/a09ab4e77afdcc6e1e045c9d41d5edab63aafc1a", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/a09ab4e77afdcc6e1e045c9d41d5edab63aafc1a" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r6jx-9g48-2r5r", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r6jx-9g48-2r5r" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37678", "reference_id": "CVE-2021-37678", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37678" }, { "reference_url": "https://github.com/advisories/GHSA-r6jx-9g48-2r5r", "reference_id": "GHSA-r6jx-9g48-2r5r", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-r6jx-9g48-2r5r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37678", "CVE-2021-37678", "GHSA-r6jx-9g48-2r5r", "PYSEC-2021-300", "PYSEC-2021-591", "PYSEC-2021-789" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-58c5-tv8t-93fq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1283?format=api", "vulnerability_id": "VCID-5dj1-vz8t-ffeb", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37680", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01614", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37680" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-593.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-593.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-791.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-791.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-302.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-302.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/fully_connected.cc#L226", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/fully_connected.cc#L226" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/718721986aa137691ee23f03638867151f74935f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/718721986aa137691ee23f03638867151f74935f" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cfpj-3q4c-jhvr", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cfpj-3q4c-jhvr" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37680", "reference_id": "CVE-2021-37680", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37680" }, { "reference_url": "https://github.com/advisories/GHSA-cfpj-3q4c-jhvr", "reference_id": "GHSA-cfpj-3q4c-jhvr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-cfpj-3q4c-jhvr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37680", "CVE-2021-37680", "GHSA-cfpj-3q4c-jhvr", "PYSEC-2021-302", "PYSEC-2021-593", "PYSEC-2021-791" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5dj1-vz8t-ffeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1289?format=api", "vulnerability_id": "VCID-5qyz-5xzb-zqc1", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37674", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09802", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37674" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-587.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-587.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-785.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-785.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-296.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-296.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-068.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-068.md" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/136b51f10903e044308cf77117c0ed9871350475", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/136b51f10903e044308cf77117c0ed9871350475" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7ghq-fvr3-pj2x", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7ghq-fvr3-pj2x" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37674", "reference_id": "CVE-2021-37674", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37674" }, { "reference_url": "https://github.com/advisories/GHSA-7ghq-fvr3-pj2x", "reference_id": "GHSA-7ghq-fvr3-pj2x", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7ghq-fvr3-pj2x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37674", "CVE-2021-37674", "GHSA-7ghq-fvr3-pj2x", "PYSEC-2021-296", "PYSEC-2021-587", "PYSEC-2021-785" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5qyz-5xzb-zqc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1281?format=api", "vulnerability_id": "VCID-64j2-brru-xqfw", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37682", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11972", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37682" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-595.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-595.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-793.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-793.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-304.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-304.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/depthwise_conv.cc#L198-L200", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/depthwise_conv.cc#L198-L200" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/4a91f2069f7145aab6ba2d8cfe41be8a110c18a5", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/4a91f2069f7145aab6ba2d8cfe41be8a110c18a5" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/537bc7c723439b9194a358f64d871dd326c18887", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/537bc7c723439b9194a358f64d871dd326c18887" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8933b8a21280696ab119b63263babdb54c298538", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8933b8a21280696ab119b63263babdb54c298538" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4c4g-crqm-xrxw", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4c4g-crqm-xrxw" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37682", "reference_id": "CVE-2021-37682", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37682" }, { "reference_url": "https://github.com/advisories/GHSA-4c4g-crqm-xrxw", "reference_id": "GHSA-4c4g-crqm-xrxw", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4c4g-crqm-xrxw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37682", "CVE-2021-37682", "GHSA-4c4g-crqm-xrxw", "PYSEC-2021-304", "PYSEC-2021-595", "PYSEC-2021-793" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-64j2-brru-xqfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1316?format=api", "vulnerability_id": "VCID-6ebn-m9rw-7ya7", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37647", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14031", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37647" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-560.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-560.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-758.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-758.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-269.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-269.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/02cc160e29d20631de3859c6653184e3f876b9d7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/02cc160e29d20631de3859c6653184e3f876b9d7" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c5x2-p679-95wc", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c5x2-p679-95wc" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37647", "reference_id": "CVE-2021-37647", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37647" }, { "reference_url": "https://github.com/advisories/GHSA-c5x2-p679-95wc", "reference_id": "GHSA-c5x2-p679-95wc", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-c5x2-p679-95wc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37647", "CVE-2021-37647", "GHSA-c5x2-p679-95wc", "PYSEC-2021-269", "PYSEC-2021-560", "PYSEC-2021-758" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6ebn-m9rw-7ya7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1325?format=api", "vulnerability_id": "VCID-6sab-b21w-9kc9", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37638", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02465", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37638" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-551.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-551.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-749.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-749.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-260.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-260.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/301ae88b331d37a2a16159b65b255f4f9eb39314", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/301ae88b331d37a2a16159b65b255f4f9eb39314" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hwr7-8gxx-fj5p", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hwr7-8gxx-fj5p" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37638", "reference_id": "CVE-2021-37638", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37638" }, { "reference_url": "https://github.com/advisories/GHSA-hwr7-8gxx-fj5p", "reference_id": "GHSA-hwr7-8gxx-fj5p", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-hwr7-8gxx-fj5p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37638", "CVE-2021-37638", "GHSA-hwr7-8gxx-fj5p", "PYSEC-2021-260", "PYSEC-2021-551", "PYSEC-2021-749" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6sab-b21w-9kc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1298?format=api", "vulnerability_id": "VCID-6wkx-ycyz-1qhd", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37665", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11537", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37665" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-578.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-578.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-776.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-776.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-287.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-287.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/203214568f5bc237603dbab6e1fd389f1572f5c9", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/203214568f5bc237603dbab6e1fd389f1572f5c9" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/9e62869465573cb2d9b5053f1fa02a81fce21d69", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/9e62869465573cb2d9b5053f1fa02a81fce21d69" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v82p-hv3v-p6qp", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v82p-hv3v-p6qp" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37665", "reference_id": "CVE-2021-37665", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37665" }, { "reference_url": "https://github.com/advisories/GHSA-v82p-hv3v-p6qp", "reference_id": "GHSA-v82p-hv3v-p6qp", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-v82p-hv3v-p6qp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37665", "CVE-2021-37665", "GHSA-v82p-hv3v-p6qp", "PYSEC-2021-287", "PYSEC-2021-578", "PYSEC-2021-776" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wkx-ycyz-1qhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1327?format=api", "vulnerability_id": "VCID-7wsk-p6nu-7fa5", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37636", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01614", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37636" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-549.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-549.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-747.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-747.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-258.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-258.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/d9204be9f49520cdaaeb2541d1dc5187b23f31d9", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/d9204be9f49520cdaaeb2541d1dc5187b23f31d9" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hp4c-x6r7-6555", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hp4c-x6r7-6555" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37636", "reference_id": "CVE-2021-37636", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37636" }, { "reference_url": "https://github.com/advisories/GHSA-hp4c-x6r7-6555", "reference_id": "GHSA-hp4c-x6r7-6555", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-hp4c-x6r7-6555" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37636", "CVE-2021-37636", "GHSA-hp4c-x6r7-6555", "PYSEC-2021-258", "PYSEC-2021-549", "PYSEC-2021-747" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7wsk-p6nu-7fa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1293?format=api", "vulnerability_id": "VCID-81sp-dd4z-2khc", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37670", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17249", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37670" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-583.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-583.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-781.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-781.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-292.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-292.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/42459e4273c2e47a3232cc16c4f4fff3b3a35c38", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/42459e4273c2e47a3232cc16c4f4fff3b3a35c38" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9697-98pf-4rw7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9697-98pf-4rw7" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37670", "reference_id": "CVE-2021-37670", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37670" }, { "reference_url": "https://github.com/advisories/GHSA-9697-98pf-4rw7", "reference_id": "GHSA-9697-98pf-4rw7", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-9697-98pf-4rw7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37670", "CVE-2021-37670", "GHSA-9697-98pf-4rw7", "PYSEC-2021-292", "PYSEC-2021-583", "PYSEC-2021-781" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-81sp-dd4z-2khc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1315?format=api", "vulnerability_id": "VCID-87bh-depq-8fdm", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37648", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0906", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37648" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-561.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-561.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-759.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-759.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-270.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-270.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/9728c60e136912a12d99ca56e106b7cce7af5986", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/9728c60e136912a12d99ca56e106b7cce7af5986" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wp77-4gmm-7cq8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wp77-4gmm-7cq8" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37648", "reference_id": "CVE-2021-37648", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37648" }, { "reference_url": "https://github.com/advisories/GHSA-wp77-4gmm-7cq8", "reference_id": "GHSA-wp77-4gmm-7cq8", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-wp77-4gmm-7cq8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37648", "CVE-2021-37648", "GHSA-wp77-4gmm-7cq8", "PYSEC-2021-270", "PYSEC-2021-561", "PYSEC-2021-759" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-87bh-depq-8fdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1288?format=api", "vulnerability_id": "VCID-8k4s-zwck-fkg4", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37675", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01614", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37675" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-588.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-588.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-786.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-786.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-297.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-297.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8a793b5d7f59e37ac7f3cd0954a750a2fe76bad4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8a793b5d7f59e37ac7f3cd0954a750a2fe76bad4" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c8h-2mv3-49ww", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c8h-2mv3-49ww" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37675", "reference_id": "CVE-2021-37675", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37675" }, { "reference_url": "https://github.com/advisories/GHSA-9c8h-2mv3-49ww", "reference_id": "GHSA-9c8h-2mv3-49ww", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-9c8h-2mv3-49ww" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37675", "CVE-2021-37675", "GHSA-9c8h-2mv3-49ww", "PYSEC-2021-297", "PYSEC-2021-588", "PYSEC-2021-786" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8k4s-zwck-fkg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1303?format=api", "vulnerability_id": "VCID-8qh6-fg49-u3b2", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37660", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01614", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37660" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-573.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-573.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-771.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-771.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-282.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-282.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e86605c0a336c088b638da02135ea6f9f6753618", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e86605c0a336c088b638da02135ea6f9f6753618" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cm5x-837x-jf3c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cm5x-837x-jf3c" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37660", "reference_id": "CVE-2021-37660", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37660" }, { "reference_url": "https://github.com/advisories/GHSA-cm5x-837x-jf3c", "reference_id": "GHSA-cm5x-837x-jf3c", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-cm5x-837x-jf3c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37660", "CVE-2021-37660", "GHSA-cm5x-837x-jf3c", "PYSEC-2021-282", "PYSEC-2021-573", "PYSEC-2021-771" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8qh6-fg49-u3b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1312?format=api", "vulnerability_id": "VCID-9faa-mq8t-z7c1", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37651", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09509", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37651" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-564.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-564.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-762.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-762.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-273.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-273.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/0f931751fb20f565c4e94aa6df58d54a003cdb30", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/0f931751fb20f565c4e94aa6df58d54a003cdb30" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hpv4-7p9c-mvfr", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hpv4-7p9c-mvfr" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37651", "reference_id": "CVE-2021-37651", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37651" }, { "reference_url": "https://github.com/advisories/GHSA-hpv4-7p9c-mvfr", "reference_id": "GHSA-hpv4-7p9c-mvfr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-hpv4-7p9c-mvfr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37651", "CVE-2021-37651", "GHSA-hpv4-7p9c-mvfr", "PYSEC-2021-273", "PYSEC-2021-564", "PYSEC-2021-762" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9faa-mq8t-z7c1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1324?format=api", "vulnerability_id": "VCID-bcub-rasm-nbbq", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37639", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02573", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37639" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-552.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-552.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-750.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-750.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-261.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-261.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/9e82dce6e6bd1f36a57e08fa85af213e2b2f2622", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/9e82dce6e6bd1f36a57e08fa85af213e2b2f2622" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh6x-4whr-2qv4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh6x-4whr-2qv4" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37639", "reference_id": "CVE-2021-37639", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37639" }, { "reference_url": "https://github.com/advisories/GHSA-gh6x-4whr-2qv4", "reference_id": "GHSA-gh6x-4whr-2qv4", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-gh6x-4whr-2qv4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37639", "CVE-2021-37639", "GHSA-gh6x-4whr-2qv4", "PYSEC-2021-261", "PYSEC-2021-552", "PYSEC-2021-750" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bcub-rasm-nbbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1305?format=api", "vulnerability_id": "VCID-bzfw-bhxx-b7df", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37658", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02567", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37658" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-571.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-571.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-769.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-769.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-280.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-280.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/ff8894044dfae5568ecbf2ed514c1a37dc394f1b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/ff8894044dfae5568ecbf2ed514c1a37dc394f1b" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6p5r-g9mq-ggh2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6p5r-g9mq-ggh2" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37658", "reference_id": "CVE-2021-37658", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37658" }, { "reference_url": "https://github.com/advisories/GHSA-6p5r-g9mq-ggh2", "reference_id": "GHSA-6p5r-g9mq-ggh2", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-6p5r-g9mq-ggh2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37658", "CVE-2021-37658", "GHSA-6p5r-g9mq-ggh2", "PYSEC-2021-280", "PYSEC-2021-571", "PYSEC-2021-769" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bzfw-bhxx-b7df" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1314?format=api", "vulnerability_id": "VCID-bzsf-bjda-3ber", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37649", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01617", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37649" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-562.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-562.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-760.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-760.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-271.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-271.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/7bdf50bb4f5c54a4997c379092888546c97c3ebd", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/7bdf50bb4f5c54a4997c379092888546c97c3ebd" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6gv8-p3vj-pxvr", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6gv8-p3vj-pxvr" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37649", "reference_id": "CVE-2021-37649", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37649" }, { "reference_url": "https://github.com/advisories/GHSA-6gv8-p3vj-pxvr", "reference_id": "GHSA-6gv8-p3vj-pxvr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-6gv8-p3vj-pxvr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37649", "CVE-2021-37649", "GHSA-6gv8-p3vj-pxvr", "PYSEC-2021-271", "PYSEC-2021-562", "PYSEC-2021-760" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bzsf-bjda-3ber" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1275?format=api", "vulnerability_id": "VCID-cggq-9awk-3qfm", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37688", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15181", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37688" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-601.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-601.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-799.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-799.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-310.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-310.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/internal/optimized/optimized_ops.h#L268-L285", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/internal/optimized/optimized_ops.h#L268-L285" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/15691e456c7dc9bd6be203b09765b063bf4a380c", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/15691e456c7dc9bd6be203b09765b063bf4a380c" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vcjj-9vg7-vf68", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vcjj-9vg7-vf68" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37688", "reference_id": "CVE-2021-37688", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37688" }, { "reference_url": "https://github.com/advisories/GHSA-vcjj-9vg7-vf68", "reference_id": "GHSA-vcjj-9vg7-vf68", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-vcjj-9vg7-vf68" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37688", "CVE-2021-37688", "GHSA-vcjj-9vg7-vf68", "PYSEC-2021-310", "PYSEC-2021-601", "PYSEC-2021-799" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cggq-9awk-3qfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1296?format=api", "vulnerability_id": "VCID-cyk5-z76t-9bgc", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37667", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02461", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37667" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-580.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-580.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-778.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-778.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-289.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-289.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/2e0ee46f1a47675152d3d865797a18358881d7a6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/2e0ee46f1a47675152d3d865797a18358881d7a6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w74j-v8xh-3w5h", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w74j-v8xh-3w5h" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37667", "reference_id": "CVE-2021-37667", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37667" }, { "reference_url": "https://github.com/advisories/GHSA-w74j-v8xh-3w5h", "reference_id": "GHSA-w74j-v8xh-3w5h", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-w74j-v8xh-3w5h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37667", "CVE-2021-37667", "GHSA-w74j-v8xh-3w5h", "PYSEC-2021-289", "PYSEC-2021-580", "PYSEC-2021-778" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cyk5-z76t-9bgc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1319?format=api", "vulnerability_id": "VCID-ddf8-mugz-pbbk", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37644", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01614", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37644" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-557.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-557.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-755.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-755.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-266.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-266.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8a6e874437670045e6c7dc6154c7412b4a2135e2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8a6e874437670045e6c7dc6154c7412b4a2135e2" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-27j5-4p9v-pp67", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-27j5-4p9v-pp67" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37644", "reference_id": "CVE-2021-37644", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37644" }, { "reference_url": "https://github.com/advisories/GHSA-27j5-4p9v-pp67", "reference_id": "GHSA-27j5-4p9v-pp67", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-27j5-4p9v-pp67" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37644", "CVE-2021-37644", "GHSA-27j5-4p9v-pp67", "PYSEC-2021-266", "PYSEC-2021-557", "PYSEC-2021-755" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ddf8-mugz-pbbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1299?format=api", "vulnerability_id": "VCID-fhfh-ryxe-67ha", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11682", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37664" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-577.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-577.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-775.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-775.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-286.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-286.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e84c975313e8e8e38bb2ea118196369c45c51378", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e84c975313e8e8e38bb2ea118196369c45c51378" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r4c4-5fpq-56wg", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r4c4-5fpq-56wg" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37664", "reference_id": "CVE-2021-37664", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37664" }, { "reference_url": "https://github.com/advisories/GHSA-r4c4-5fpq-56wg", "reference_id": "GHSA-r4c4-5fpq-56wg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-r4c4-5fpq-56wg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37664", "CVE-2021-37664", "GHSA-r4c4-5fpq-56wg", "PYSEC-2021-286", "PYSEC-2021-577", "PYSEC-2021-775" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fhfh-ryxe-67ha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1310?format=api", "vulnerability_id": "VCID-g4y6-tura-gbhx", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37653", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01614", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37653" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-566.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-566.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-764.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-764.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-275.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-275.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/ac117ee8a8ea57b73d34665cdf00ef3303bc0b11", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/ac117ee8a8ea57b73d34665cdf00ef3303bc0b11" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjj8-32p7-h289", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjj8-32p7-h289" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37653", "reference_id": "CVE-2021-37653", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37653" }, { "reference_url": "https://github.com/advisories/GHSA-qjj8-32p7-h289", "reference_id": "GHSA-qjj8-32p7-h289", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-qjj8-32p7-h289" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37653", "CVE-2021-37653", "GHSA-qjj8-32p7-h289", "PYSEC-2021-275", "PYSEC-2021-566", "PYSEC-2021-764" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g4y6-tura-gbhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1272?format=api", "vulnerability_id": "VCID-gg52-vvcd-zben", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37691", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01614", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37691" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-604.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-604.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-802.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-802.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-313.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-313.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/0575b640091680cfb70f4dd93e70658de43b94f9", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/0575b640091680cfb70f4dd93e70658de43b94f9" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-27qf-jwm8-g7f3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-27qf-jwm8-g7f3" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37691", "reference_id": "CVE-2021-37691", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37691" }, { "reference_url": "https://github.com/advisories/GHSA-27qf-jwm8-g7f3", "reference_id": "GHSA-27qf-jwm8-g7f3", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-27qf-jwm8-g7f3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37691", "CVE-2021-37691", "GHSA-27qf-jwm8-g7f3", "PYSEC-2021-313", "PYSEC-2021-604", "PYSEC-2021-802" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gg52-vvcd-zben" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1311?format=api", "vulnerability_id": "VCID-gm34-n1kp-5qh4", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37652", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.04186", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37652" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-565.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-565.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-763.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-763.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-274.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-274.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/5ecec9c6fbdbc6be03295685190a45e7eee726ab", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/5ecec9c6fbdbc6be03295685190a45e7eee726ab" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m7fm-4jfh-jrg6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m7fm-4jfh-jrg6" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37652", "reference_id": "CVE-2021-37652", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37652" }, { "reference_url": "https://github.com/advisories/GHSA-m7fm-4jfh-jrg6", "reference_id": "GHSA-m7fm-4jfh-jrg6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-m7fm-4jfh-jrg6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37652", "CVE-2021-37652", "GHSA-m7fm-4jfh-jrg6", "PYSEC-2021-274", "PYSEC-2021-565", "PYSEC-2021-763" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gm34-n1kp-5qh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1321?format=api", "vulnerability_id": "VCID-gvws-rve9-nbat", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37642", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01614", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37642" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-555.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-555.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-753.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-753.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-264.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-264.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/4aacb30888638da75023e6601149415b39763d76", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/4aacb30888638da75023e6601149415b39763d76" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-ch4f-829c-v5pw", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-ch4f-829c-v5pw" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37642", "reference_id": "CVE-2021-37642", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37642" }, { "reference_url": "https://github.com/advisories/GHSA-ch4f-829c-v5pw", "reference_id": "GHSA-ch4f-829c-v5pw", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-ch4f-829c-v5pw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37642", "CVE-2021-37642", "GHSA-ch4f-829c-v5pw", "PYSEC-2021-264", "PYSEC-2021-555", "PYSEC-2021-753" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gvws-rve9-nbat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1280?format=api", "vulnerability_id": "VCID-hfhh-k29v-1kaf", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37683", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01614", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37683" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-596.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-596.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-794.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-794.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-305.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-305.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/div.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/div.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/1e206baedf8bef0334cca3eb92bab134ef525a28", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/1e206baedf8bef0334cca3eb92bab134ef525a28" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rhrq-64mq-hf9h", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rhrq-64mq-hf9h" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37683", "reference_id": "CVE-2021-37683", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37683" }, { "reference_url": "https://github.com/advisories/GHSA-rhrq-64mq-hf9h", "reference_id": "GHSA-rhrq-64mq-hf9h", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rhrq-64mq-hf9h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37683", "CVE-2021-37683", "GHSA-rhrq-64mq-hf9h", "PYSEC-2021-305", "PYSEC-2021-596", "PYSEC-2021-794" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hfhh-k29v-1kaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1273?format=api", "vulnerability_id": "VCID-hk2y-fdnq-ybf1", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37690", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.07357", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37690" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-603.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-603.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-801.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-801.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-312.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-312.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/ee119d4a498979525046fba1c3dd3f13a039fbb1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/ee119d4a498979525046fba1c3dd3f13a039fbb1" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3hxh-8cp2-g4hg", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3hxh-8cp2-g4hg" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37690", "reference_id": "CVE-2021-37690", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37690" }, { "reference_url": "https://github.com/advisories/GHSA-3hxh-8cp2-g4hg", "reference_id": "GHSA-3hxh-8cp2-g4hg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-3hxh-8cp2-g4hg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37690", "CVE-2021-37690", "GHSA-3hxh-8cp2-g4hg", "PYSEC-2021-312", "PYSEC-2021-603", "PYSEC-2021-801" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hk2y-fdnq-ybf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1309?format=api", "vulnerability_id": "VCID-hpt6-maej-a3fb", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37654", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11682", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37654" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-567.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-567.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-765.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-765.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-276.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-276.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/bc9c546ce7015c57c2f15c168b3d9201de679a1d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/bc9c546ce7015c57c2f15c168b3d9201de679a1d" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2r8p-fg3c-wcj4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2r8p-fg3c-wcj4" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37654", "reference_id": "CVE-2021-37654", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37654" }, { "reference_url": "https://github.com/advisories/GHSA-2r8p-fg3c-wcj4", "reference_id": "GHSA-2r8p-fg3c-wcj4", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2r8p-fg3c-wcj4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37654", "CVE-2021-37654", "GHSA-2r8p-fg3c-wcj4", "PYSEC-2021-276", "PYSEC-2021-567", "PYSEC-2021-765" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hpt6-maej-a3fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1328?format=api", "vulnerability_id": "VCID-k149-grwj-cyg5", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37635", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11682", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37635" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-548.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-548.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-746.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-746.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-257.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-257.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/87158f43f05f2720a374f3e6d22a7aaa3a33f750", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/87158f43f05f2720a374f3e6d22a7aaa3a33f750" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cgfm-62j4-v4rf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cgfm-62j4-v4rf" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37635", "reference_id": "CVE-2021-37635", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37635" }, { "reference_url": "https://github.com/advisories/GHSA-cgfm-62j4-v4rf", "reference_id": "GHSA-cgfm-62j4-v4rf", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-cgfm-62j4-v4rf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37635", "CVE-2021-37635", "GHSA-cgfm-62j4-v4rf", "PYSEC-2021-257", "PYSEC-2021-548", "PYSEC-2021-746" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k149-grwj-cyg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1279?format=api", "vulnerability_id": "VCID-kta3-2zcq-83ch", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37684", "reference_id": "", "reference_type": "", "scores": [ { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00837", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37684" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-597.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-597.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-795.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-795.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-306.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-306.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q7f7-544h-67h9", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q7f7-544h-67h9" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37684", "reference_id": "CVE-2021-37684", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37684" }, { "reference_url": "https://github.com/advisories/GHSA-q7f7-544h-67h9", "reference_id": "GHSA-q7f7-544h-67h9", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-q7f7-544h-67h9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37684", "CVE-2021-37684", "GHSA-q7f7-544h-67h9", "PYSEC-2021-306", "PYSEC-2021-597", "PYSEC-2021-795" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kta3-2zcq-83ch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1297?format=api", "vulnerability_id": "VCID-kuxe-7hab-a3cv", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37666", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02461", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37666" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-579.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-579.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-777.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-777.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-288.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-288.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/be7a4de6adfbd303ce08be4332554dff70362612", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/be7a4de6adfbd303ce08be4332554dff70362612" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w4xf-2pqw-5mq7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w4xf-2pqw-5mq7" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37666", "reference_id": "CVE-2021-37666", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37666" }, { "reference_url": "https://github.com/advisories/GHSA-w4xf-2pqw-5mq7", "reference_id": "GHSA-w4xf-2pqw-5mq7", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-w4xf-2pqw-5mq7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37666", "CVE-2021-37666", "GHSA-w4xf-2pqw-5mq7", "PYSEC-2021-288", "PYSEC-2021-579", "PYSEC-2021-777" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kuxe-7hab-a3cv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1274?format=api", "vulnerability_id": "VCID-m5yn-gjpw-53b5", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37689", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02036", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37689" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-602.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-602.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-800.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-800.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-311.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-311.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/compiler/mlir/lite/transforms/optimize.cc#L67-L70", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/compiler/mlir/lite/transforms/optimize.cc#L67-L70" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/d6b57f461b39fd1aa8c1b870f1b974aac3554955", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/d6b57f461b39fd1aa8c1b870f1b974aac3554955" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wf5p-c75w-w3wh", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wf5p-c75w-w3wh" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37689", "reference_id": "CVE-2021-37689", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37689" }, { "reference_url": "https://github.com/advisories/GHSA-wf5p-c75w-w3wh", "reference_id": "GHSA-wf5p-c75w-w3wh", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-wf5p-c75w-w3wh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37689", "CVE-2021-37689", "GHSA-wf5p-c75w-w3wh", "PYSEC-2021-311", "PYSEC-2021-602", "PYSEC-2021-800" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m5yn-gjpw-53b5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1326?format=api", "vulnerability_id": "VCID-mh7p-x5et-67h4", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37637", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14031", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37637" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-550.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-550.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-748.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-748.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-259.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-259.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/5dc7f6981fdaf74c8c5be41f393df705841fb7c5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/5dc7f6981fdaf74c8c5be41f393df705841fb7c5" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c9qf-r67m-p7cg", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c9qf-r67m-p7cg" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37637", "reference_id": "CVE-2021-37637", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37637" }, { "reference_url": "https://github.com/advisories/GHSA-c9qf-r67m-p7cg", "reference_id": "GHSA-c9qf-r67m-p7cg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-c9qf-r67m-p7cg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37637", "CVE-2021-37637", "GHSA-c9qf-r67m-p7cg", "PYSEC-2021-259", "PYSEC-2021-550", "PYSEC-2021-748" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mh7p-x5et-67h4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1278?format=api", "vulnerability_id": "VCID-mt3j-jwu5-pueu", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37685", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.124", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37685" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-598.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-598.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-796.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-796.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-307.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-307.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/expand_dims.cc#L36-L50", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/expand_dims.cc#L36-L50" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/d94ffe08a65400f898241c0374e9edc6fa8ed257", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/d94ffe08a65400f898241c0374e9edc6fa8ed257" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c545-c4f9-rf6v", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c545-c4f9-rf6v" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37685", "reference_id": "CVE-2021-37685", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37685" }, { "reference_url": "https://github.com/advisories/GHSA-c545-c4f9-rf6v", "reference_id": "GHSA-c545-c4f9-rf6v", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-c545-c4f9-rf6v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37685", "CVE-2021-37685", "GHSA-c545-c4f9-rf6v", "PYSEC-2021-307", "PYSEC-2021-598", "PYSEC-2021-796" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mt3j-jwu5-pueu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1318?format=api", "vulnerability_id": "VCID-ngsv-ca8h-q7bg", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37645", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01614", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37645" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-558.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-558.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-756.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-756.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-267.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-267.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/96f364a1ca3009f98980021c4b32be5fdcca33a1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/96f364a1ca3009f98980021c4b32be5fdcca33a1" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9w2p-5mgw-p94c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9w2p-5mgw-p94c" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37645", "reference_id": "CVE-2021-37645", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37645" }, { "reference_url": "https://github.com/advisories/GHSA-9w2p-5mgw-p94c", "reference_id": "GHSA-9w2p-5mgw-p94c", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-9w2p-5mgw-p94c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37645", "CVE-2021-37645", "GHSA-9w2p-5mgw-p94c", "PYSEC-2021-267", "PYSEC-2021-558", "PYSEC-2021-756" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ngsv-ca8h-q7bg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1322?format=api", "vulnerability_id": "VCID-nhv1-35p3-tyfq", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37641", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02461", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37641" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-554.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-554.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-752.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-752.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-263.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-263.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/a2b743f6017d7b97af1fe49087ae15f0ac634373", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/a2b743f6017d7b97af1fe49087ae15f0ac634373" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c8h-vvrj-w2p8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c8h-vvrj-w2p8" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37641", "reference_id": "CVE-2021-37641", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37641" }, { "reference_url": "https://github.com/advisories/GHSA-9c8h-vvrj-w2p8", "reference_id": "GHSA-9c8h-vvrj-w2p8", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-9c8h-vvrj-w2p8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37641", "CVE-2021-37641", "GHSA-9c8h-vvrj-w2p8", "PYSEC-2021-263", "PYSEC-2021-554", "PYSEC-2021-752" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nhv1-35p3-tyfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1290?format=api", "vulnerability_id": "VCID-ntth-8qpp-jfet", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37673", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01614", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37673" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-586.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-586.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-784.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-784.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-295.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-295.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/d7de67733925de196ec8863a33445b73f9562d1d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/d7de67733925de196ec8863a33445b73f9562d1d" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-278g-rq84-9hmg", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-278g-rq84-9hmg" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37673", "reference_id": "CVE-2021-37673", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37673" }, { "reference_url": "https://github.com/advisories/GHSA-278g-rq84-9hmg", "reference_id": "GHSA-278g-rq84-9hmg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-278g-rq84-9hmg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37673", "CVE-2021-37673", "GHSA-278g-rq84-9hmg", "PYSEC-2021-295", "PYSEC-2021-586", "PYSEC-2021-784" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ntth-8qpp-jfet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1313?format=api", "vulnerability_id": "VCID-qa9p-g79v-fbe1", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37650", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02947", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37650" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-563.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-563.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-761.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-761.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-272.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-272.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e0b6e58c328059829c3eb968136f17aa72b6c876", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e0b6e58c328059829c3eb968136f17aa72b6c876" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f8h4-7rgh-q2gm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f8h4-7rgh-q2gm" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37650", "reference_id": "CVE-2021-37650", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37650" }, { "reference_url": "https://github.com/advisories/GHSA-f8h4-7rgh-q2gm", "reference_id": "GHSA-f8h4-7rgh-q2gm", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-f8h4-7rgh-q2gm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37650", "CVE-2021-37650", "GHSA-f8h4-7rgh-q2gm", "PYSEC-2021-272", "PYSEC-2021-563", "PYSEC-2021-761" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qa9p-g79v-fbe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1276?format=api", "vulnerability_id": "VCID-quc8-whc2-cbg7", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37687", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13917", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37687" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-600.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-600.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-798.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-798.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-309.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-309.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather_nd.cc#L124", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather_nd.cc#L124" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/bb6a0383ed553c286f87ca88c207f6774d5c4a8f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/bb6a0383ed553c286f87ca88c207f6774d5c4a8f" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/eb921122119a6b6e470ee98b89e65d721663179d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/eb921122119a6b6e470ee98b89e65d721663179d" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jwf9-w5xm-f437", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jwf9-w5xm-f437" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37687", "reference_id": "CVE-2021-37687", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37687" }, { "reference_url": "https://github.com/advisories/GHSA-jwf9-w5xm-f437", "reference_id": "GHSA-jwf9-w5xm-f437", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-jwf9-w5xm-f437" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37687", "CVE-2021-37687", "GHSA-jwf9-w5xm-f437", "PYSEC-2021-309", "PYSEC-2021-600", "PYSEC-2021-798" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-quc8-whc2-cbg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1320?format=api", "vulnerability_id": "VCID-spbh-6rka-y3a8", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37643", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01617", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37643" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-556.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-556.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-754.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-754.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-265.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-265.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/482da92095c4d48f8784b1f00dda4f81c28d2988", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/482da92095c4d48f8784b1f00dda4f81c28d2988" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fcwc-p4fc-c5cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fcwc-p4fc-c5cc" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37643", "reference_id": "CVE-2021-37643", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37643" }, { "reference_url": "https://github.com/advisories/GHSA-fcwc-p4fc-c5cc", "reference_id": "GHSA-fcwc-p4fc-c5cc", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fcwc-p4fc-c5cc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37643", "CVE-2021-37643", "GHSA-fcwc-p4fc-c5cc", "PYSEC-2021-265", "PYSEC-2021-556", "PYSEC-2021-754" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-spbh-6rka-y3a8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1300?format=api", "vulnerability_id": "VCID-try6-1d3f-y3aq", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37663", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02461", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37663" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-576.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-576.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-774.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-774.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-285.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-285.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/6da6620efad397c85493b8f8667b821403516708", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/6da6620efad397c85493b8f8667b821403516708" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g25h-jr74-qp5j", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g25h-jr74-qp5j" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37663", "reference_id": "CVE-2021-37663", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37663" }, { "reference_url": "https://github.com/advisories/GHSA-g25h-jr74-qp5j", "reference_id": "GHSA-g25h-jr74-qp5j", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-g25h-jr74-qp5j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37663", "CVE-2021-37663", "GHSA-g25h-jr74-qp5j", "PYSEC-2021-285", "PYSEC-2021-576", "PYSEC-2021-774" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-try6-1d3f-y3aq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1317?format=api", "vulnerability_id": "VCID-u597-6euj-auh5", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37646", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01614", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37646" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-559.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-559.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-757.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-757.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-268.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-268.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/c283e542a3f422420cfdb332414543b62fc4e4a5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/c283e542a3f422420cfdb332414543b62fc4e4a5" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6jh-7gv5-28vg", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6jh-7gv5-28vg" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37646", "reference_id": "CVE-2021-37646", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37646" }, { "reference_url": "https://github.com/advisories/GHSA-h6jh-7gv5-28vg", "reference_id": "GHSA-h6jh-7gv5-28vg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-h6jh-7gv5-28vg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37646", "CVE-2021-37646", "GHSA-h6jh-7gv5-28vg", "PYSEC-2021-268", "PYSEC-2021-559", "PYSEC-2021-757" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u597-6euj-auh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1287?format=api", "vulnerability_id": "VCID-uy7w-xnc7-d7c5", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37676", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02461", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37676" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-589.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-589.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-787.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-787.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-298.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-298.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/578e634b4f1c1c684d4b4294f9e5281b2133b3ed", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/578e634b4f1c1c684d4b4294f9e5281b2133b3ed" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v768-w7m9-2vmm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v768-w7m9-2vmm" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37676", "reference_id": "CVE-2021-37676", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37676" }, { "reference_url": "https://github.com/advisories/GHSA-v768-w7m9-2vmm", "reference_id": "GHSA-v768-w7m9-2vmm", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-v768-w7m9-2vmm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37676", "CVE-2021-37676", "GHSA-v768-w7m9-2vmm", "PYSEC-2021-298", "PYSEC-2021-589", "PYSEC-2021-787" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uy7w-xnc7-d7c5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1323?format=api", "vulnerability_id": "VCID-v5em-3qqk-jqfs", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37640", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.10045", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37640" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-553.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-553.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-751.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-751.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-262.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-262.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/4923de56ec94fff7770df259ab7f2288a74feb41", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/4923de56ec94fff7770df259ab7f2288a74feb41" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-95xm-g58g-3p88", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-95xm-g58g-3p88" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37640", "reference_id": "CVE-2021-37640", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37640" }, { "reference_url": "https://github.com/advisories/GHSA-95xm-g58g-3p88", "reference_id": "GHSA-95xm-g58g-3p88", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-95xm-g58g-3p88" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37640", "CVE-2021-37640", "GHSA-95xm-g58g-3p88", "PYSEC-2021-262", "PYSEC-2021-553", "PYSEC-2021-751" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v5em-3qqk-jqfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1294?format=api", "vulnerability_id": "VCID-vh5d-4p9r-wubf", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09802", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37669" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-582.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-582.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-780.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-780.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-291.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-291.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/3a7362750d5c372420aa8f0caf7bf5b5c3d0f52d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/3a7362750d5c372420aa8f0caf7bf5b5c3d0f52d" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vmjw-c2vp-p33c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vmjw-c2vp-p33c" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37669", "reference_id": "CVE-2021-37669", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37669" }, { "reference_url": "https://github.com/advisories/GHSA-vmjw-c2vp-p33c", "reference_id": "GHSA-vmjw-c2vp-p33c", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-vmjw-c2vp-p33c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37669", "CVE-2021-37669", "GHSA-vmjw-c2vp-p33c", "PYSEC-2021-291", "PYSEC-2021-582", "PYSEC-2021-780" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vh5d-4p9r-wubf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1271?format=api", "vulnerability_id": "VCID-vx4g-ckr3-27dm", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09802", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37692" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-605.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-605.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-803.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-803.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-314.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-314.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8721ba96e5760c229217b594f6d2ba332beedf22", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8721ba96e5760c229217b594f6d2ba332beedf22" }, { "reference_url": "https://github.com/tensorflow/tensorflow/pull/50508", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/pull/50508" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cmgw-8vpc-rc59", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cmgw-8vpc-rc59" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37692", "reference_id": "CVE-2021-37692", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37692" }, { "reference_url": "https://github.com/advisories/GHSA-cmgw-8vpc-rc59", "reference_id": "GHSA-cmgw-8vpc-rc59", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-cmgw-8vpc-rc59" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37692", "CVE-2021-37692", "GHSA-cmgw-8vpc-rc59", "PYSEC-2021-314", "PYSEC-2021-605", "PYSEC-2021-803" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vx4g-ckr3-27dm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1291?format=api", "vulnerability_id": "VCID-wwwt-6qtg-mfb7", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37672", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0378", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37672" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-585.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-585.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-783.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-783.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-294.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-294.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/a4e138660270e7599793fa438cd7b2fc2ce215a6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/a4e138660270e7599793fa438cd7b2fc2ce215a6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hj3-vjjf-f5m7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hj3-vjjf-f5m7" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37672", "reference_id": "CVE-2021-37672", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37672" }, { "reference_url": "https://github.com/advisories/GHSA-5hj3-vjjf-f5m7", "reference_id": "GHSA-5hj3-vjjf-f5m7", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5hj3-vjjf-f5m7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37672", "CVE-2021-37672", "GHSA-5hj3-vjjf-f5m7", "PYSEC-2021-294", "PYSEC-2021-585", "PYSEC-2021-783" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wwwt-6qtg-mfb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1286?format=api", "vulnerability_id": "VCID-x23c-1b8p-4qak", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37677", "reference_id": "", "reference_type": "", "scores": [ { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00926", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37677" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-590.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-590.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-788.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-788.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-299.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-299.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/da857cfa0fde8f79ad0afdbc94e88b5d4bbec764", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/da857cfa0fde8f79ad0afdbc94e88b5d4bbec764" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qfpc-5pjr-mh26", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qfpc-5pjr-mh26" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37677", "reference_id": "CVE-2021-37677", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37677" }, { "reference_url": "https://github.com/advisories/GHSA-qfpc-5pjr-mh26", "reference_id": "GHSA-qfpc-5pjr-mh26", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-qfpc-5pjr-mh26" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37677", "CVE-2021-37677", "GHSA-qfpc-5pjr-mh26", "PYSEC-2021-299", "PYSEC-2021-590", "PYSEC-2021-788" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x23c-1b8p-4qak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1295?format=api", "vulnerability_id": "VCID-y191-8mqq-zqgk", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14024", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37668" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-581.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-581.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-779.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-779.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-290.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-290.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/a776040a5e7ebf76eeb7eb923bf1ae417dd4d233", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/a776040a5e7ebf76eeb7eb923bf1ae417dd4d233" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2wmv-37vq-52g5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2wmv-37vq-52g5" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37668", "reference_id": "CVE-2021-37668", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37668" }, { "reference_url": "https://github.com/advisories/GHSA-2wmv-37vq-52g5", "reference_id": "GHSA-2wmv-37vq-52g5", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2wmv-37vq-52g5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37668", "CVE-2021-37668", "GHSA-2wmv-37vq-52g5", "PYSEC-2021-290", "PYSEC-2021-581", "PYSEC-2021-779" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y191-8mqq-zqgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1304?format=api", "vulnerability_id": "VCID-z712-rg6q-t7bm", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37659", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.12116", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37659" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-572.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-572.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-770.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-770.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-281.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-281.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/93f428fd1768df147171ed674fee1fc5ab8309ec", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/93f428fd1768df147171ed674fee1fc5ab8309ec" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q3g3-h9r4-prrc", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q3g3-h9r4-prrc" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37659", "reference_id": "CVE-2021-37659", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37659" }, { "reference_url": "https://github.com/advisories/GHSA-q3g3-h9r4-prrc", "reference_id": "GHSA-q3g3-h9r4-prrc", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-q3g3-h9r4-prrc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37659", "CVE-2021-37659", "GHSA-q3g3-h9r4-prrc", "PYSEC-2021-281", "PYSEC-2021-572", "PYSEC-2021-770" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z712-rg6q-t7bm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1307?format=api", "vulnerability_id": "VCID-zky1-z6wv-37c5", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37656", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02461", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37656" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-569.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-569.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-767.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-767.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-278.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-278.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/1071f554dbd09f7e101324d366eec5f4fe5a3ece", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/1071f554dbd09f7e101324d366eec5f4fe5a3ece" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4xfp-4pfp-89wg", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4xfp-4pfp-89wg" }, { "reference_url": "https://security.archlinux.org/AVG-2292", "reference_id": "AVG-2292", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2292" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37656", "reference_id": "CVE-2021-37656", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37656" }, { "reference_url": "https://github.com/advisories/GHSA-4xfp-4pfp-89wg", "reference_id": "GHSA-4xfp-4pfp-89wg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4xfp-4pfp-89wg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17430?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-8cew-f7ja-5bbe" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rp89-jyjd-cbc2" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20746?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23629?format=api", "purl": "pkg:pypi/tensorflow-gpu@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qd-d7c7-sbdm" }, { "vulnerability": "VCID-145d-k5w3-tfgz" }, { "vulnerability": "VCID-15nt-6tff-k7gb" }, { "vulnerability": "VCID-1ah5-hm7a-ykep" }, { "vulnerability": "VCID-1sr1-happ-6ugc" }, { "vulnerability": "VCID-2cw7-2xzs-abfz" }, { "vulnerability": "VCID-2hqc-3d51-4yf5" }, { "vulnerability": "VCID-39ck-bm9t-kqhs" }, { "vulnerability": "VCID-3czq-3twf-skcg" }, { "vulnerability": "VCID-3g5a-5csn-h3d9" }, { "vulnerability": "VCID-466y-e26r-rka4" }, { "vulnerability": "VCID-5d73-819a-xbeg" }, { "vulnerability": "VCID-5tpp-sf62-zycs" }, { "vulnerability": "VCID-5ty2-z944-mbht" }, { "vulnerability": "VCID-5xgg-h9wh-3uh7" }, { "vulnerability": "VCID-6888-uhtp-8ub6" }, { "vulnerability": "VCID-688g-g33x-67g9" }, { "vulnerability": "VCID-6gnj-az99-h7b4" }, { "vulnerability": "VCID-83pe-ztey-dbf4" }, { "vulnerability": "VCID-97cs-4kx3-37gm" }, { "vulnerability": "VCID-9arh-a8wj-wka6" }, { "vulnerability": "VCID-9dhc-1f13-5qht" }, { "vulnerability": "VCID-9gde-ga9q-pqb4" }, { "vulnerability": "VCID-9snf-qxka-83hd" }, { "vulnerability": "VCID-aad5-dg9x-53cz" }, { "vulnerability": "VCID-akmu-fas1-33h6" }, { "vulnerability": "VCID-axj7-aq9m-rqdu" }, { "vulnerability": "VCID-b8sr-erwh-5yh8" }, { "vulnerability": "VCID-bm3u-2ych-eqac" }, { "vulnerability": "VCID-ccv1-pgda-r7ba" }, { "vulnerability": "VCID-cu5c-pmqv-xkdz" }, { "vulnerability": "VCID-cwvm-wntu-tfck" }, { "vulnerability": "VCID-d3dc-su6w-s3ag" }, { "vulnerability": "VCID-egc6-6pwr-fyej" }, { "vulnerability": "VCID-en5f-xtha-cyhp" }, { "vulnerability": "VCID-ev23-kazv-nkas" }, { "vulnerability": "VCID-ev84-gxjn-6bf1" }, { "vulnerability": "VCID-exm3-hpp6-g7hg" }, { "vulnerability": "VCID-eyqx-7k24-zfhq" }, { "vulnerability": "VCID-f25m-udat-n3fd" }, { "vulnerability": "VCID-f3cx-k63z-7qde" }, { "vulnerability": "VCID-fggx-3rzd-8kf5" }, { "vulnerability": "VCID-g144-4yvx-xybr" }, { "vulnerability": "VCID-g423-bnfj-kybz" }, { "vulnerability": "VCID-g8er-52ns-j7b1" }, { "vulnerability": "VCID-g8ts-ghhv-33e3" }, { "vulnerability": "VCID-gbft-tx74-wkhf" }, { "vulnerability": "VCID-gg98-zkw8-5ben" }, { "vulnerability": "VCID-hujj-6vv2-u3c2" }, { "vulnerability": "VCID-jdud-ufqp-4yg5" }, { "vulnerability": "VCID-kupu-frrt-pqen" }, { "vulnerability": "VCID-ky4u-eny7-33fy" }, { "vulnerability": "VCID-m4na-tgrp-d7fk" }, { "vulnerability": "VCID-mtqg-yga8-eqeu" }, { "vulnerability": "VCID-myjm-gbbc-qucg" }, { "vulnerability": "VCID-n62z-1akp-ebck" }, { "vulnerability": "VCID-nfr9-fgdn-4kh8" }, { "vulnerability": "VCID-ngkq-s26c-qkfj" }, { "vulnerability": "VCID-pe9p-a7nn-8bhj" }, { "vulnerability": "VCID-q4zv-syab-bbh8" }, { "vulnerability": "VCID-qdnt-cg25-5kdx" }, { "vulnerability": "VCID-qgr6-bqrc-puhs" }, { "vulnerability": "VCID-qvnc-gzf6-y3f3" }, { "vulnerability": "VCID-qxqd-f1bw-y7h4" }, { "vulnerability": "VCID-rkx2-5nyj-bbhu" }, { "vulnerability": "VCID-rr2a-8jrx-6ue8" }, { "vulnerability": "VCID-rsau-jvcr-uudd" }, { "vulnerability": "VCID-rt4b-xxm6-xubs" }, { "vulnerability": "VCID-rujq-67w1-u3g7" }, { "vulnerability": "VCID-sb7m-pngm-5fbj" }, { "vulnerability": "VCID-sf59-u7jt-4bd5" }, { "vulnerability": "VCID-ugta-nt2s-27fk" }, { "vulnerability": "VCID-v2nf-1526-nkbp" }, { "vulnerability": "VCID-vfgz-fss4-wbgu" }, { "vulnerability": "VCID-vgv7-xc3c-1fb3" }, { "vulnerability": "VCID-vnn5-y8ez-rub9" }, { "vulnerability": "VCID-vpyd-he5n-b3a4" }, { "vulnerability": "VCID-vqxg-mnz4-13cg" }, { "vulnerability": "VCID-w2ns-kqmv-xfan" }, { "vulnerability": "VCID-x2t2-4sa6-qygs" }, { "vulnerability": "VCID-x5x3-2cyz-xbhe" }, { "vulnerability": "VCID-xbt8-r95u-sqbu" }, { "vulnerability": "VCID-y7hx-h69v-wfcy" }, { "vulnerability": "VCID-yh43-ndzp-4ue9" }, { "vulnerability": "VCID-yvag-32h1-yfc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" } ], "aliases": [ "BIT-tensorflow-2021-37656", "CVE-2021-37656", "GHSA-4xfp-4pfp-89wg", "PYSEC-2021-278", "PYSEC-2021-569", "PYSEC-2021-767" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zky1-z6wv-37c5" } ], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.5.1" }