Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/tensorflow-cpu@2.6.0
Typepypi
Namespace
Nametensorflow-cpu
Version2.6.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.7.4
Latest_non_vulnerable_version2.12.1
Affected_by_vulnerabilities
0
url VCID-11qd-d7c7-sbdm
vulnerability_id VCID-11qd-d7c7-sbdm
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ConcatV2` can be used to trigger a denial of service attack via a segfault caused by a type confusion. The `axis` argument is translated into `concat_dim` in the `ConcatShapeHelper` helper function. Then, a value for `min_rank` is computed based on `concat_dim`. This is then used to validate that the `values` tensor has at least the required rank. However, `WithRankAtLeast` receives the lower bound as a 64-bits value and then compares it against the maximum 32-bits integer value that could be represented. Due to the fact that `min_rank` is a 32-bits value and the value of `axis`, the `rank` argument is a negative value, so the error check is bypassed. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21731
reference_id
reference_type
scores
0
value 0.00303
scoring_system epss
scoring_elements 0.53888
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21731
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-55.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-55.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-110.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-110.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/framework/common_shape_fns.cc#L1961-L2059
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/framework/common_shape_fns.cc#L1961-L2059
5
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/framework/shape_inference.cc#L345-L358
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/framework/shape_inference.cc#L345-L358
6
reference_url https://github.com/tensorflow/tensorflow/commit/08d7b00c0a5a20926363849f611729f53f3ec022
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/08d7b00c0a5a20926363849f611729f53f3ec022
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m4hf-j54p-p353
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m4hf-j54p-p353
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21731
reference_id CVE-2022-21731
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21731
9
reference_url https://github.com/advisories/GHSA-m4hf-j54p-p353
reference_id GHSA-m4hf-j54p-p353
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m4hf-j54p-p353
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21731, GHSA-m4hf-j54p-p353, PYSEC-2022-110, PYSEC-2022-55
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-11qd-d7c7-sbdm
1
url VCID-145d-k5w3-tfgz
vulnerability_id VCID-145d-k5w3-tfgz
summary Tensorflow is an Open Source Machine Learning Framework. The implementations of `Sparse*Cwise*` ops are vulnerable to integer overflows. These can be used to trigger large allocations (so, OOM based denial of service) or `CHECK`-fails when building new `TensorShape` objects (so, assert failures based denial of service). We are missing some validation on the shapes of the input tensors as well as directly constructing a large `TensorShape` with user-provided dimensions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23567
reference_id
reference_type
scores
0
value 0.0045
scoring_system epss
scoring_elements 0.63951
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23567
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-76.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-76.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-131.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-131.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/sparse_dense_binary_op_shared.cc
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/sparse_dense_binary_op_shared.cc
5
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md
6
reference_url https://github.com/tensorflow/tensorflow/commit/1b54cadd19391b60b6fcccd8d076426f7221d5e8
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/1b54cadd19391b60b6fcccd8d076426f7221d5e8
7
reference_url https://github.com/tensorflow/tensorflow/commit/e952a89b7026b98fe8cbe626514a93ed68b7c510
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/e952a89b7026b98fe8cbe626514a93ed68b7c510
8
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrx2-r989-2c43
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrx2-r989-2c43
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23567
reference_id CVE-2022-23567
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23567
10
reference_url https://github.com/advisories/GHSA-rrx2-r989-2c43
reference_id GHSA-rrx2-r989-2c43
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rrx2-r989-2c43
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23567, GHSA-rrx2-r989-2c43, PYSEC-2022-131, PYSEC-2022-76
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-145d-k5w3-tfgz
2
url VCID-15nt-6tff-k7gb
vulnerability_id VCID-15nt-6tff-k7gb
summary Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23587
reference_id
reference_type
scores
0
value 0.00295
scoring_system epss
scoring_elements 0.53055
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23587
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-96.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-96.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-151.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-151.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L2621-L2689
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L2621-L2689
5
reference_url https://github.com/tensorflow/tensorflow/commit/0aaaae6eca5a7175a193696383f582f53adab23f
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/0aaaae6eca5a7175a193696383f582f53adab23f
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8jj7-5vxc-pg2q
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8jj7-5vxc-pg2q
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23587
reference_id CVE-2022-23587
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23587
8
reference_url https://github.com/advisories/GHSA-8jj7-5vxc-pg2q
reference_id GHSA-8jj7-5vxc-pg2q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8jj7-5vxc-pg2q
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23587, GHSA-8jj7-5vxc-pg2q, PYSEC-2022-151, PYSEC-2022-96
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-15nt-6tff-k7gb
3
url VCID-1ah5-hm7a-ykep
vulnerability_id VCID-1ah5-hm7a-ykep
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalAvgPoolGrad` does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21730
reference_id
reference_type
scores
0
value 0.00316
scoring_system epss
scoring_elements 0.54937
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21730
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-54.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-54.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-109.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-109.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/fractional_avg_pool_op.cc#L209-L360
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/fractional_avg_pool_op.cc#L209-L360
5
reference_url https://github.com/tensorflow/tensorflow/commit/002408c3696b173863228223d535f9de72a101a9
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/002408c3696b173863228223d535f9de72a101a9
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vjg4-v33c-ggc4
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vjg4-v33c-ggc4
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21730
reference_id CVE-2022-21730
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21730
8
reference_url https://github.com/advisories/GHSA-vjg4-v33c-ggc4
reference_id GHSA-vjg4-v33c-ggc4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vjg4-v33c-ggc4
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21730, GHSA-vjg4-v33c-ggc4, PYSEC-2022-109, PYSEC-2022-54
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1ah5-hm7a-ykep
4
url VCID-1sr1-happ-6ugc
vulnerability_id VCID-1sr1-happ-6ugc
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41221
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.06058
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41221
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-630.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-630.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-828.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-828.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-413.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-413.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/af5fcebb37c8b5d71c237f4e59c6477015c78ce6
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/af5fcebb37c8b5d71c237f4e59c6477015c78ce6
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqv6-3phm-hcwx
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqv6-3phm-hcwx
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41221
reference_id CVE-2021-41221
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41221
9
reference_url https://github.com/advisories/GHSA-cqv6-3phm-hcwx
reference_id GHSA-cqv6-3phm-hcwx
reference_type
scores
url https://github.com/advisories/GHSA-cqv6-3phm-hcwx
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41221, GHSA-cqv6-3phm-hcwx, PYSEC-2021-413, PYSEC-2021-630, PYSEC-2021-828
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1sr1-happ-6ugc
5
url VCID-2cw7-2xzs-abfz
vulnerability_id VCID-2cw7-2xzs-abfz
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41217
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04734
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41217
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-626.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-626.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-824.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-824.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-409.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-409.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/05cbebd3c6bb8f517a158b0155debb8df79017ff
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/05cbebd3c6bb8f517a158b0155debb8df79017ff
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5crj-c72x-m7gq
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5crj-c72x-m7gq
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41217
reference_id CVE-2021-41217
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41217
9
reference_url https://github.com/advisories/GHSA-5crj-c72x-m7gq
reference_id GHSA-5crj-c72x-m7gq
reference_type
scores
url https://github.com/advisories/GHSA-5crj-c72x-m7gq
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41217, GHSA-5crj-c72x-m7gq, PYSEC-2021-409, PYSEC-2021-626, PYSEC-2021-824
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2cw7-2xzs-abfz
6
url VCID-2hqc-3d51-4yf5
vulnerability_id VCID-2hqc-3d51-4yf5
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41198
reference_id
reference_type
scores
0
value 0.00049
scoring_system epss
scoring_elements 0.15708
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41198
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-608.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-608.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-806.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-806.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-391.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-391.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/9294094df6fea79271778eb7e7ae1bad8b5ef98f
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/9294094df6fea79271778eb7e7ae1bad8b5ef98f
6
reference_url https://github.com/tensorflow/tensorflow/issues/46911
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/issues/46911
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2p25-55c9-h58q
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2p25-55c9-h58q
8
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41198
reference_id CVE-2021-41198
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41198
10
reference_url https://github.com/advisories/GHSA-2p25-55c9-h58q
reference_id GHSA-2p25-55c9-h58q
reference_type
scores
url https://github.com/advisories/GHSA-2p25-55c9-h58q
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41198, GHSA-2p25-55c9-h58q, PYSEC-2021-391, PYSEC-2021-608, PYSEC-2021-806
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2hqc-3d51-4yf5
7
url VCID-39ck-bm9t-kqhs
vulnerability_id VCID-39ck-bm9t-kqhs
summary Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would trigger a division by zero in `BiasAndClamp` implementation. There is no check that the `bias_size` is non zero. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23557
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44623
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23557
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-66.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-66.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-121.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-121.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/lite/kernels/internal/common.h#L75
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/lite/kernels/internal/common.h#L75
5
reference_url https://github.com/tensorflow/tensorflow/commit/8c6f391a2282684a25cbfec7687bd5d35261a209
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/8c6f391a2282684a25cbfec7687bd5d35261a209
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf2j-f278-xh4v
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf2j-f278-xh4v
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23557
reference_id CVE-2022-23557
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23557
8
reference_url https://github.com/advisories/GHSA-gf2j-f278-xh4v
reference_id GHSA-gf2j-f278-xh4v
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gf2j-f278-xh4v
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23557, GHSA-gf2j-f278-xh4v, PYSEC-2022-121, PYSEC-2022-66
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-39ck-bm9t-kqhs
8
url VCID-3czq-3twf-skcg
vulnerability_id VCID-3czq-3twf-skcg
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `AssignOp` can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized (to minimize number of allocations), but does not check that the right hand side is also initialized. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23573
reference_id
reference_type
scores
0
value 0.00295
scoring_system epss
scoring_elements 0.53033
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23573
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-82.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-82.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-137.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-137.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/assign_op.h#L30-L143
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/assign_op.h#L30-L143
5
reference_url https://github.com/tensorflow/tensorflow/commit/ef1d027be116f25e25bb94a60da491c2cf55bd0b
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/ef1d027be116f25e25bb94a60da491c2cf55bd0b
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q85f-69q7-55h2
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q85f-69q7-55h2
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23573
reference_id CVE-2022-23573
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23573
8
reference_url https://github.com/advisories/GHSA-q85f-69q7-55h2
reference_id GHSA-q85f-69q7-55h2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q85f-69q7-55h2
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23573, GHSA-q85f-69q7-55h2, PYSEC-2022-137, PYSEC-2022-82
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3czq-3twf-skcg
9
url VCID-3g5a-5csn-h3d9
vulnerability_id VCID-3g5a-5csn-h3d9
summary Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that Grappler optimizer would attempt to build a tensor using a reference `dtype`. This would result in a crash due to a `CHECK`-fail in the `Tensor` constructor as reference types are not allowed. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23588
reference_id
reference_type
scores
0
value 0.00303
scoring_system epss
scoring_elements 0.53888
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23588
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-97.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-97.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-152.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-152.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/tensor.cc#L733-L781
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/tensor.cc#L733-L781
5
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1328-L1402
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1328-L1402
6
reference_url https://github.com/tensorflow/tensorflow/commit/6b5adc0877de832b2a7c189532dbbbc64622eeb6
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/6b5adc0877de832b2a7c189532dbbbc64622eeb6
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fx5c-h9f6-rv7c
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fx5c-h9f6-rv7c
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23588
reference_id CVE-2022-23588
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23588
9
reference_url https://github.com/advisories/GHSA-fx5c-h9f6-rv7c
reference_id GHSA-fx5c-h9f6-rv7c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fx5c-h9f6-rv7c
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23588, GHSA-fx5c-h9f6-rv7c, PYSEC-2022-152, PYSEC-2022-97
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3g5a-5csn-h3d9
10
url VCID-466y-e26r-rka4
vulnerability_id VCID-466y-e26r-rka4
summary Tensorflow is an Open Source Machine Learning Framework. When building an XLA compilation cache, if default settings are used, TensorFlow triggers a null pointer dereference. In the default scenario, all devices are allowed, so `flr->config_proto` is `nullptr`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23595
reference_id
reference_type
scores
0
value 0.00221
scoring_system epss
scoring_elements 0.44697
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23595
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-103.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-103.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-158.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-158.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/jit/xla_platform_info.cc#L43-L104
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/jit/xla_platform_info.cc#L43-L104
5
reference_url https://github.com/tensorflow/tensorflow/commit/e21af685e1828f7ca65038307df5cc06de4479e8
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/e21af685e1828f7ca65038307df5cc06de4479e8
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fpcp-9h7m-ffpx
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fpcp-9h7m-ffpx
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23595
reference_id CVE-2022-23595
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23595
8
reference_url https://github.com/advisories/GHSA-fpcp-9h7m-ffpx
reference_id GHSA-fpcp-9h7m-ffpx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fpcp-9h7m-ffpx
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23595, GHSA-fpcp-9h7m-ffpx, PYSEC-2022-103, PYSEC-2022-158
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-466y-e26r-rka4
11
url VCID-5d73-819a-xbeg
vulnerability_id VCID-5d73-819a-xbeg
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41209
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04734
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41209
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-618.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-618.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-816.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-816.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-401.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-401.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hpv-v2rx-c5g6
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hpv-v2rx-c5g6
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41209
reference_id CVE-2021-41209
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41209
9
reference_url https://github.com/advisories/GHSA-6hpv-v2rx-c5g6
reference_id GHSA-6hpv-v2rx-c5g6
reference_type
scores
url https://github.com/advisories/GHSA-6hpv-v2rx-c5g6
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41209, GHSA-6hpv-v2rx-c5g6, PYSEC-2021-401, PYSEC-2021-618, PYSEC-2021-816
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5d73-819a-xbeg
12
url VCID-5tpp-sf62-zycs
vulnerability_id VCID-5tpp-sf62-zycs
summary Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses `tempfile.mktemp` to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in `mktemp` and the actual creation of the file by a subsequent operation (a TOC/TOU type of weakness). In several instances, TensorFlow was supposed to actually create a temporary directory instead of a file. This logic bug is hidden away by the `mktemp` function usage. We have patched the issue in several commits, replacing `mktemp` with the safer `mkstemp`/`mkdtemp` functions, according to the usage pattern. Users are advised to upgrade as soon as possible.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23563
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02926
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23563
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-72.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-72.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-127.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-127.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wc4g-r73w-x8mm
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wc4g-r73w-x8mm
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23563
reference_id CVE-2022-23563
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23563
6
reference_url https://github.com/advisories/GHSA-wc4g-r73w-x8mm
reference_id GHSA-wc4g-r73w-x8mm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wc4g-r73w-x8mm
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23563, GHSA-wc4g-r73w-x8mm, PYSEC-2022-127, PYSEC-2022-72
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5tpp-sf62-zycs
13
url VCID-5ty2-z944-mbht
vulnerability_id VCID-5ty2-z944-mbht
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41214
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.05281
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41214
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-623.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-623.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-821.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-821.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-406.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-406.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vwhq-49r4-gj9v
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vwhq-49r4-gj9v
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41214
reference_id CVE-2021-41214
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41214
9
reference_url https://github.com/advisories/GHSA-vwhq-49r4-gj9v
reference_id GHSA-vwhq-49r4-gj9v
reference_type
scores
url https://github.com/advisories/GHSA-vwhq-49r4-gj9v
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41214, GHSA-vwhq-49r4-gj9v, PYSEC-2021-406, PYSEC-2021-623, PYSEC-2021-821
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ty2-z944-mbht
14
url VCID-5xgg-h9wh-3uh7
vulnerability_id VCID-5xgg-h9wh-3uh7
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41226
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.05281
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41226
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-635.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-635.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-833.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-833.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-418.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-418.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/f410212e373eb2aec4c9e60bf3702eba99a38aba
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/f410212e373eb2aec4c9e60bf3702eba99a38aba
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-374m-jm66-3vj8
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-374m-jm66-3vj8
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41226
reference_id CVE-2021-41226
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41226
9
reference_url https://github.com/advisories/GHSA-374m-jm66-3vj8
reference_id GHSA-374m-jm66-3vj8
reference_type
scores
url https://github.com/advisories/GHSA-374m-jm66-3vj8
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41226, GHSA-374m-jm66-3vj8, PYSEC-2021-418, PYSEC-2021-635, PYSEC-2021-833
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5xgg-h9wh-3uh7
15
url VCID-6888-uhtp-8ub6
vulnerability_id VCID-6888-uhtp-8ub6
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `*Bincount` operations allows malicious users to cause denial of service by passing in arguments which would trigger a `CHECK`-fail. There are several conditions that the input arguments must satisfy. Some are not caught during shape inference and others are not caught during kernel implementation. This results in `CHECK` failures later when the output tensors get allocated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21737
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44623
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21737
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-61.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-61.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-116.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-116.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/bincount_op.cc
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/bincount_op.cc
5
reference_url https://github.com/tensorflow/tensorflow/commit/7019ce4f68925fd01cdafde26f8d8c938f47e6f9
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/7019ce4f68925fd01cdafde26f8d8c938f47e6f9
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2vv-v9cg-qhh7
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2vv-v9cg-qhh7
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21737
reference_id CVE-2022-21737
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21737
8
reference_url https://github.com/advisories/GHSA-f2vv-v9cg-qhh7
reference_id GHSA-f2vv-v9cg-qhh7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f2vv-v9cg-qhh7
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21737, GHSA-f2vv-v9cg-qhh7, PYSEC-2022-116, PYSEC-2022-61
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6888-uhtp-8ub6
16
url VCID-688g-g33x-67g9
vulnerability_id VCID-688g-g33x-67g9
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41223
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05349
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41223
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-632.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-632.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-830.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-830.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-415.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-415.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/aab9998916c2ffbd8f0592059fad352622f89cda
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/aab9998916c2ffbd8f0592059fad352622f89cda
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f54p-f6jp-4rhr
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f54p-f6jp-4rhr
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41223
reference_id CVE-2021-41223
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41223
9
reference_url https://github.com/advisories/GHSA-f54p-f6jp-4rhr
reference_id GHSA-f54p-f6jp-4rhr
reference_type
scores
url https://github.com/advisories/GHSA-f54p-f6jp-4rhr
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41223, GHSA-f54p-f6jp-4rhr, PYSEC-2021-415, PYSEC-2021-632, PYSEC-2021-830
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-688g-g33x-67g9
17
url VCID-6gnj-az99-h7b4
vulnerability_id VCID-6gnj-az99-h7b4
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalMaxPool` can be made to crash a TensorFlow process via a division by 0. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21735
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44623
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21735
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-59.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-59.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-114.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-114.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/fractional_max_pool_op.cc#L36-L192
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/fractional_max_pool_op.cc#L36-L192
5
reference_url https://github.com/tensorflow/tensorflow/commit/ba4e8ac4dc2991e350d5cc407f8598c8d4ee70fb
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/ba4e8ac4dc2991e350d5cc407f8598c8d4ee70fb
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-87v6-crgm-2gfj
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-87v6-crgm-2gfj
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21735
reference_id CVE-2022-21735
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21735
8
reference_url https://github.com/advisories/GHSA-87v6-crgm-2gfj
reference_id GHSA-87v6-crgm-2gfj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-87v6-crgm-2gfj
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21735, GHSA-87v6-crgm-2gfj, PYSEC-2022-114, PYSEC-2022-59
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6gnj-az99-h7b4
18
url VCID-83pe-ztey-dbf4
vulnerability_id VCID-83pe-ztey-dbf4
summary Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via `CHECK`-fails (i.e., assertion failures). This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. It is possible that other similar instances exist in TensorFlow, we will issue fixes as these are discovered. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23569
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.30304
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23569
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-78.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-78.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-133.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-133.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md
5
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qj5r-f9mv-rffh
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qj5r-f9mv-rffh
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23569
reference_id CVE-2022-23569
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23569
7
reference_url https://github.com/advisories/GHSA-qj5r-f9mv-rffh
reference_id GHSA-qj5r-f9mv-rffh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qj5r-f9mv-rffh
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23569, GHSA-qj5r-f9mv-rffh, PYSEC-2022-133, PYSEC-2022-78
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-83pe-ztey-dbf4
19
url VCID-97cs-4kx3-37gm
vulnerability_id VCID-97cs-4kx3-37gm
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `StringNGrams` can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on `pad_witdh` and that result in computing a negative value for `ngram_width` which is later used to allocate parts of the output. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21733
reference_id
reference_type
scores
0
value 0.00232
scoring_system epss
scoring_elements 0.46146
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21733
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-57.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-57.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-112.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-112.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/string_ngrams_op.cc#L29-L161
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/string_ngrams_op.cc#L29-L161
5
reference_url https://github.com/tensorflow/tensorflow/commit/f68fdab93fb7f4ddb4eb438c8fe052753c9413e8
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/f68fdab93fb7f4ddb4eb438c8fe052753c9413e8
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-98j8-c9q4-r38g
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-98j8-c9q4-r38g
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21733
reference_id CVE-2022-21733
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21733
8
reference_url https://github.com/advisories/GHSA-98j8-c9q4-r38g
reference_id GHSA-98j8-c9q4-r38g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-98j8-c9q4-r38g
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21733, GHSA-98j8-c9q4-r38g, PYSEC-2022-112, PYSEC-2022-57
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-97cs-4kx3-37gm
20
url VCID-9arh-a8wj-wka6
vulnerability_id VCID-9arh-a8wj-wka6
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `MapStage` is vulnerable a `CHECK`-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21734
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44623
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21734
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-58.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-58.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-113.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-113.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/map_stage_op.cc#L519-L550
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/map_stage_op.cc#L519-L550
5
reference_url https://github.com/tensorflow/tensorflow/commit/f57315566d7094f322b784947093406c2aea0d7d
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/f57315566d7094f322b784947093406c2aea0d7d
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gcvh-66ff-4mwm
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gcvh-66ff-4mwm
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21734
reference_id CVE-2022-21734
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21734
8
reference_url https://github.com/advisories/GHSA-gcvh-66ff-4mwm
reference_id GHSA-gcvh-66ff-4mwm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gcvh-66ff-4mwm
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21734, GHSA-gcvh-66ff-4mwm, PYSEC-2022-113, PYSEC-2022-58
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9arh-a8wj-wka6
21
url VCID-9dhc-1f13-5qht
vulnerability_id VCID-9dhc-1f13-5qht
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41219
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05669
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41219
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-628.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-628.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-826.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-826.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-411.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-411.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/e6cf28c72ba2eb949ca950d834dd6d66bb01cfae
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/e6cf28c72ba2eb949ca950d834dd6d66bb01cfae
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4f99-p9c2-3j8x
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4f99-p9c2-3j8x
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41219
reference_id CVE-2021-41219
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41219
9
reference_url https://github.com/advisories/GHSA-4f99-p9c2-3j8x
reference_id GHSA-4f99-p9c2-3j8x
reference_type
scores
url https://github.com/advisories/GHSA-4f99-p9c2-3j8x
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41219, GHSA-4f99-p9c2-3j8x, PYSEC-2021-411, PYSEC-2021-628, PYSEC-2021-826
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9dhc-1f13-5qht
22
url VCID-9gde-ga9q-pqb4
vulnerability_id VCID-9gde-ga9q-pqb4
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41207
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04734
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41207
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-616.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-616.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-814.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-814.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-399.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-399.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/inplace_ops.cc#L72-L97
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/inplace_ops.cc#L72-L97
6
reference_url https://github.com/tensorflow/tensorflow/commit/9de11bdc2cf1284b2f635419bd3e6bbc7643eb2c
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/9de11bdc2cf1284b2f635419bd3e6bbc7643eb2c
7
reference_url https://github.com/tensorflow/tensorflow/commit/d11f21bbdfa54f3576ae860fc927bf23c675ebc0
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/d11f21bbdfa54f3576ae860fc927bf23c675ebc0
8
reference_url https://github.com/tensorflow/tensorflow/commit/e67caccea81167402c62977b5c521f2a8b261d6a
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/e67caccea81167402c62977b5c521f2a8b261d6a
9
reference_url https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235
10
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7v94-64hj-m82h
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7v94-64hj-m82h
11
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41207
reference_id CVE-2021-41207
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41207
13
reference_url https://github.com/advisories/GHSA-7v94-64hj-m82h
reference_id GHSA-7v94-64hj-m82h
reference_type
scores
url https://github.com/advisories/GHSA-7v94-64hj-m82h
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41207, GHSA-7v94-64hj-m82h, PYSEC-2021-399, PYSEC-2021-616, PYSEC-2021-814
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9gde-ga9q-pqb4
23
url VCID-9snf-qxka-83hd
vulnerability_id VCID-9snf-qxka-83hd
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41204
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04734
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41204
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-614.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-614.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-812.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-812.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-397.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-397.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/7731e8dfbe4a56773be5dc94d631611211156659
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/7731e8dfbe4a56773be5dc94d631611211156659
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-786j-5qwq-r36x
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-786j-5qwq-r36x
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41204
reference_id CVE-2021-41204
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41204
9
reference_url https://github.com/advisories/GHSA-786j-5qwq-r36x
reference_id GHSA-786j-5qwq-r36x
reference_type
scores
url https://github.com/advisories/GHSA-786j-5qwq-r36x
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41204, GHSA-786j-5qwq-r36x, PYSEC-2021-397, PYSEC-2021-614, PYSEC-2021-812
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9snf-qxka-83hd
24
url VCID-aad5-dg9x-53cz
vulnerability_id VCID-aad5-dg9x-53cz
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41199
reference_id
reference_type
scores
0
value 0.00049
scoring_system epss
scoring_elements 0.15708
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41199
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-609.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-609.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-807.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-807.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-392.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-392.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/e5272d4204ff5b46136a1ef1204fc00597e21837
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/e5272d4204ff5b46136a1ef1204fc00597e21837
6
reference_url https://github.com/tensorflow/tensorflow/issues/46914
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/issues/46914
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hx2-qx8j-qjqm
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hx2-qx8j-qjqm
8
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41199
reference_id CVE-2021-41199
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41199
10
reference_url https://github.com/advisories/GHSA-5hx2-qx8j-qjqm
reference_id GHSA-5hx2-qx8j-qjqm
reference_type
scores
url https://github.com/advisories/GHSA-5hx2-qx8j-qjqm
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41199, GHSA-5hx2-qx8j-qjqm, PYSEC-2021-392, PYSEC-2021-609, PYSEC-2021-807
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aad5-dg9x-53cz
25
url VCID-akmu-fas1-33h6
vulnerability_id VCID-akmu-fas1-33h6
summary Tensorflow is an Open Source Machine Learning Framework. ### Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to determine the size of the padding that needs to be added before applying the convolution. There is no check before this division that the divisor is strictly positive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21741
reference_id
reference_type
scores
0
value 0.00232
scoring_system epss
scoring_elements 0.46146
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21741
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-65.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-65.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-120.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-120.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/lite/kernels/depthwise_conv.cc#L96
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/lite/kernels/depthwise_conv.cc#L96
5
reference_url https://github.com/tensorflow/tensorflow/commit/e5b0eec199c2d03de54fd6a7fd9275692218e2bc
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/e5b0eec199c2d03de54fd6a7fd9275692218e2bc
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-428x-9xc2-m8mj
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-428x-9xc2-m8mj
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21741
reference_id CVE-2022-21741
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21741
8
reference_url https://github.com/advisories/GHSA-428x-9xc2-m8mj
reference_id GHSA-428x-9xc2-m8mj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-428x-9xc2-m8mj
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21741, GHSA-428x-9xc2-m8mj, PYSEC-2022-120, PYSEC-2022-65
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-akmu-fas1-33h6
26
url VCID-axj7-aq9m-rqdu
vulnerability_id VCID-axj7-aq9m-rqdu
summary Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments, if the tensors have an invalid `dtype` and 0 elements or an invalid shape. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23571
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.30304
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23571
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-80.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-80.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-135.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-135.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/commit/5b491cd5e41ad63735161cec9c2a568172c8b6a3
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/5b491cd5e41ad63735161cec9c2a568172c8b6a3
5
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j3mj-fhpq-qqjj
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j3mj-fhpq-qqjj
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23571
reference_id CVE-2022-23571
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23571
7
reference_url https://github.com/advisories/GHSA-j3mj-fhpq-qqjj
reference_id GHSA-j3mj-fhpq-qqjj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j3mj-fhpq-qqjj
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23571, GHSA-j3mj-fhpq-qqjj, PYSEC-2022-135, PYSEC-2022-80
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-axj7-aq9m-rqdu
27
url VCID-b8sr-erwh-5yh8
vulnerability_id VCID-b8sr-erwh-5yh8
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41228
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12379
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41228
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-637.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-637.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-835.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-835.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-420.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-420.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3rcw-9p9x-582v
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3rcw-9p9x-582v
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41228
reference_id CVE-2021-41228
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41228
9
reference_url https://github.com/advisories/GHSA-3rcw-9p9x-582v
reference_id GHSA-3rcw-9p9x-582v
reference_type
scores
url https://github.com/advisories/GHSA-3rcw-9p9x-582v
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41228, GHSA-3rcw-9p9x-582v, PYSEC-2021-420, PYSEC-2021-637, PYSEC-2021-835
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b8sr-erwh-5yh8
28
url VCID-bm3u-2ych-eqac
vulnerability_id VCID-bm3u-2ych-eqac
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41227
reference_id
reference_type
scores
0
value 0.00082
scoring_system epss
scoring_elements 0.241
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41227
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-636.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-636.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-834.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-834.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-419.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-419.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b
6
reference_url https://github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7
8
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41227
reference_id CVE-2021-41227
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41227
10
reference_url https://github.com/advisories/GHSA-j8c8-67vp-6mx7
reference_id GHSA-j8c8-67vp-6mx7
reference_type
scores
url https://github.com/advisories/GHSA-j8c8-67vp-6mx7
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41227, GHSA-j8c8-67vp-6mx7, PYSEC-2021-419, PYSEC-2021-636, PYSEC-2021-834
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bm3u-2ych-eqac
29
url VCID-ccv1-pgda-r7ba
vulnerability_id VCID-ccv1-pgda-r7ba
summary Tensorflow is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in `Grappler`. The `set_output` function writes to an array at the specified index. Hence, this gives a malicious user a write primitive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23566
reference_id
reference_type
scores
0
value 0.00391
scoring_system epss
scoring_elements 0.60401
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23566
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-75.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-75.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-130.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-130.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.h#L394
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.h#L394
5
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/graph_properties.cc#L1132-L1141
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/graph_properties.cc#L1132-L1141
6
reference_url https://github.com/tensorflow/tensorflow/commit/97282c6d0d34476b6ba033f961590b783fa184cd
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/97282c6d0d34476b6ba033f961590b783fa184cd
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5qw5-89mw-wcg2
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5qw5-89mw-wcg2
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23566
reference_id CVE-2022-23566
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23566
9
reference_url https://github.com/advisories/GHSA-5qw5-89mw-wcg2
reference_id GHSA-5qw5-89mw-wcg2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5qw5-89mw-wcg2
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23566, GHSA-5qw5-89mw-wcg2, PYSEC-2022-130, PYSEC-2022-75
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ccv1-pgda-r7ba
30
url VCID-cu5c-pmqv-xkdz
vulnerability_id VCID-cu5c-pmqv-xkdz
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41200
reference_id
reference_type
scores
0
value 0.00049
scoring_system epss
scoring_elements 0.15532
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41200
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-610.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-610.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-808.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-808.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-393.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-393.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/874bda09e6702cd50bac90b453b50bcc65b2769e
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/874bda09e6702cd50bac90b453b50bcc65b2769e
6
reference_url https://github.com/tensorflow/tensorflow/issues/46909
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/issues/46909
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh8h-7j2j-qv4f
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh8h-7j2j-qv4f
8
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41200
reference_id CVE-2021-41200
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41200
10
reference_url https://github.com/advisories/GHSA-gh8h-7j2j-qv4f
reference_id GHSA-gh8h-7j2j-qv4f
reference_type
scores
url https://github.com/advisories/GHSA-gh8h-7j2j-qv4f
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41200, GHSA-gh8h-7j2j-qv4f, PYSEC-2021-393, PYSEC-2021-610, PYSEC-2021-808
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cu5c-pmqv-xkdz
31
url VCID-cwvm-wntu-tfck
vulnerability_id VCID-cwvm-wntu-tfck
summary Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `SafeToRemoveIdentity` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23579
reference_id
reference_type
scores
0
value 0.00232
scoring_system epss
scoring_elements 0.46146
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23579
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-88.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-88.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-143.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-143.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/dependency_optimizer.cc#L59-L98
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/dependency_optimizer.cc#L59-L98
5
reference_url https://github.com/tensorflow/tensorflow/commit/92dba16749fae36c246bec3f9ba474d9ddeb7662
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/92dba16749fae36c246bec3f9ba474d9ddeb7662
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5f2r-qp73-37mr
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5f2r-qp73-37mr
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23579
reference_id CVE-2022-23579
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23579
8
reference_url https://github.com/advisories/GHSA-5f2r-qp73-37mr
reference_id GHSA-5f2r-qp73-37mr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5f2r-qp73-37mr
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23579, GHSA-5f2r-qp73-37mr, PYSEC-2022-143, PYSEC-2022-88
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cwvm-wntu-tfck
32
url VCID-d3dc-su6w-s3ag
vulnerability_id VCID-d3dc-su6w-s3ag
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `Dequantize` does not fully validate the value of `axis` and can result in heap OOB accesses. The `axis` argument can be `-1` (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked and this results in reading past the end of the array containing the dimensions of the input tensor. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21726
reference_id
reference_type
scores
0
value 0.00291
scoring_system epss
scoring_elements 0.52734
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21726
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-50.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-50.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-105.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-105.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/dequantize_op.cc#L92-L153
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/dequantize_op.cc#L92-L153
5
reference_url https://github.com/tensorflow/tensorflow/commit/23968a8bf65b009120c43b5ebcceaf52dbc9e943
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/23968a8bf65b009120c43b5ebcceaf52dbc9e943
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-23hm-7w47-xw72
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-23hm-7w47-xw72
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21726
reference_id CVE-2022-21726
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21726
8
reference_url https://github.com/advisories/GHSA-23hm-7w47-xw72
reference_id GHSA-23hm-7w47-xw72
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-23hm-7w47-xw72
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21726, GHSA-23hm-7w47-xw72, PYSEC-2022-105, PYSEC-2022-50
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d3dc-su6w-s3ag
33
url VCID-dj7v-yppg-ckdp
vulnerability_id VCID-dj7v-yppg-ckdp
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41211
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05669
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41211
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-620.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-620.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-818.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-818.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-403.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-403.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/a0d64445116c43cf46a5666bd4eee28e7a82f244
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/a0d64445116c43cf46a5666bd4eee28e7a82f244
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cvgx-3v3q-m36c
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cvgx-3v3q-m36c
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41211
reference_id CVE-2021-41211
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41211
9
reference_url https://github.com/advisories/GHSA-cvgx-3v3q-m36c
reference_id GHSA-cvgx-3v3q-m36c
reference_type
scores
url https://github.com/advisories/GHSA-cvgx-3v3q-m36c
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41211, GHSA-cvgx-3v3q-m36c, PYSEC-2021-403, PYSEC-2021-620, PYSEC-2021-818
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dj7v-yppg-ckdp
34
url VCID-egc6-6pwr-fyej
vulnerability_id VCID-egc6-6pwr-fyej
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `GetInitOp` is vulnerable to a crash caused by dereferencing a null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23577
reference_id
reference_type
scores
0
value 0.00221
scoring_system epss
scoring_elements 0.44697
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23577
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-86.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-86.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-141.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-141.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/cc/saved_model/loader_util.cc#L31-L61
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/cc/saved_model/loader_util.cc#L31-L61
5
reference_url https://github.com/tensorflow/tensorflow/commit/4f38b1ac8e42727e18a2f0bde06d3bee8e77b250
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/4f38b1ac8e42727e18a2f0bde06d3bee8e77b250
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8cxv-76p7-jxwr
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8cxv-76p7-jxwr
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23577
reference_id CVE-2022-23577
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23577
8
reference_url https://github.com/advisories/GHSA-8cxv-76p7-jxwr
reference_id GHSA-8cxv-76p7-jxwr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8cxv-76p7-jxwr
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23577, GHSA-8cxv-76p7-jxwr, PYSEC-2022-141, PYSEC-2022-86
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-egc6-6pwr-fyej
35
url VCID-en5f-xtha-cyhp
vulnerability_id VCID-en5f-xtha-cyhp
summary Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that assertions in `function.cc` would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23586
reference_id
reference_type
scores
0
value 0.00303
scoring_system epss
scoring_elements 0.53888
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23586
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-95.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-95.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-150.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-150.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/function.cc
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/function.cc
5
reference_url https://github.com/tensorflow/tensorflow/commit/3d89911481ba6ebe8c88c1c0b595412121e6c645
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/3d89911481ba6ebe8c88c1c0b595412121e6c645
6
reference_url https://github.com/tensorflow/tensorflow/commit/dcc21c7bc972b10b6fb95c2fb0f4ab5a59680ec2
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/dcc21c7bc972b10b6fb95c2fb0f4ab5a59680ec2
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-43jf-985q-588j
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-43jf-985q-588j
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23586
reference_id CVE-2022-23586
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23586
9
reference_url https://github.com/advisories/GHSA-43jf-985q-588j
reference_id GHSA-43jf-985q-588j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-43jf-985q-588j
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23586, GHSA-43jf-985q-588j, PYSEC-2022-150, PYSEC-2022-95
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-en5f-xtha-cyhp
36
url VCID-ev23-kazv-nkas
vulnerability_id VCID-ev23-kazv-nkas
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateTensorSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve a tensor with large enough number of elements. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23575
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44623
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23575
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-84.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-84.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-139.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-139.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L1552-L1558
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L1552-L1558
5
reference_url https://github.com/tensorflow/tensorflow/commit/fcd18ce3101f245b083b30655c27b239dc72221e
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/fcd18ce3101f245b083b30655c27b239dc72221e
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c94w-c95p-phf8
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c94w-c95p-phf8
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23575
reference_id CVE-2022-23575
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23575
8
reference_url https://github.com/advisories/GHSA-c94w-c95p-phf8
reference_id GHSA-c94w-c95p-phf8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c94w-c95p-phf8
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23575, GHSA-c94w-c95p-phf8, PYSEC-2022-139, PYSEC-2022-84
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ev23-kazv-nkas
37
url VCID-ev84-gxjn-6bf1
vulnerability_id VCID-ev84-gxjn-6bf1
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulnerable to an integer overflow weakness. The `axis` argument can be `-1` (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked, and, since the code computes `axis + 1`, an attacker can trigger an integer overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21727
reference_id
reference_type
scores
0
value 0.00317
scoring_system epss
scoring_elements 0.55077
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21727
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-51.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-51.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-106.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-106.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/ops/array_ops.cc#L3001-L3034
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/ops/array_ops.cc#L3001-L3034
5
reference_url https://github.com/tensorflow/tensorflow/commit/b64638ec5ccaa77b7c1eb90958e3d85ce381f91b
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/b64638ec5ccaa77b7c1eb90958e3d85ce381f91b
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c6fh-56w7-fvjw
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c6fh-56w7-fvjw
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21727
reference_id CVE-2022-21727
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21727
8
reference_url https://github.com/advisories/GHSA-c6fh-56w7-fvjw
reference_id GHSA-c6fh-56w7-fvjw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c6fh-56w7-fvjw
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21727, GHSA-c6fh-56w7-fvjw, PYSEC-2022-106, PYSEC-2022-51
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ev84-gxjn-6bf1
38
url VCID-exm3-hpp6-g7hg
vulnerability_id VCID-exm3-hpp6-g7hg
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41205
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05349
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41205
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-615.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-615.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-813.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-813.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-398.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-398.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rx-x2rw-pc6f
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rx-x2rw-pc6f
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41205
reference_id CVE-2021-41205
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41205
9
reference_url https://github.com/advisories/GHSA-49rx-x2rw-pc6f
reference_id GHSA-49rx-x2rw-pc6f
reference_type
scores
url https://github.com/advisories/GHSA-49rx-x2rw-pc6f
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41205, GHSA-49rx-x2rw-pc6f, PYSEC-2021-398, PYSEC-2021-615, PYSEC-2021-813
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-exm3-hpp6-g7hg
39
url VCID-eyqx-7k24-zfhq
vulnerability_id VCID-eyqx-7k24-zfhq
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21738
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44623
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21738
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-62.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-62.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-117.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-117.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/count_ops.cc#L168-L273
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/count_ops.cc#L168-L273
5
reference_url https://github.com/tensorflow/tensorflow/commit/6f4d3e8139ec724dbbcb40505891c81dd1052c4a
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/6f4d3e8139ec724dbbcb40505891c81dd1052c4a
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x4qx-4fjv-hmw6
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x4qx-4fjv-hmw6
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21738
reference_id CVE-2022-21738
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21738
8
reference_url https://github.com/advisories/GHSA-x4qx-4fjv-hmw6
reference_id GHSA-x4qx-4fjv-hmw6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x4qx-4fjv-hmw6
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21738, GHSA-x4qx-4fjv-hmw6, PYSEC-2022-117, PYSEC-2022-62
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eyqx-7k24-zfhq
40
url VCID-f25m-udat-n3fd
vulnerability_id VCID-f25m-udat-n3fd
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `Range` suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23562
reference_id
reference_type
scores
0
value 0.00361
scoring_system epss
scoring_elements 0.58482
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23562
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-71.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-71.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-126.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-126.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/commit/f0147751fd5d2ff23251149ebad9af9f03010732
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/f0147751fd5d2ff23251149ebad9af9f03010732
5
reference_url https://github.com/tensorflow/tensorflow/issues/52676
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/issues/52676
6
reference_url https://github.com/tensorflow/tensorflow/pull/51733
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/pull/51733
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qx3f-p745-w4hr
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qx3f-p745-w4hr
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23562
reference_id CVE-2022-23562
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23562
9
reference_url https://github.com/advisories/GHSA-qx3f-p745-w4hr
reference_id GHSA-qx3f-p745-w4hr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qx3f-p745-w4hr
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23562, GHSA-qx3f-p745-w4hr, PYSEC-2022-126, PYSEC-2022-71
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f25m-udat-n3fd
41
url VCID-f3cx-k63z-7qde
vulnerability_id VCID-f3cx-k63z-7qde
summary Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both `embedding_size` and `lookup_size` are products of values provided by the user. Hence, a malicious user could trigger overflows in the multiplication. In certain scenarios, this can then result in heap OOB read/write. Users are advised to upgrade to a patched version.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23559
reference_id
reference_type
scores
0
value 0.00517
scoring_system epss
scoring_elements 0.67022
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23559
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-68.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-68.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-123.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-123.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/kernels/embedding_lookup_sparse.cc#L179-L189
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/kernels/embedding_lookup_sparse.cc#L179-L189
5
reference_url https://github.com/tensorflow/tensorflow/commit/1de49725a5fc4e48f1a3b902ec3599ee99283043
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/1de49725a5fc4e48f1a3b902ec3599ee99283043
6
reference_url https://github.com/tensorflow/tensorflow/commit/a4e401da71458d253b05e41f28637b65baf64be4
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/a4e401da71458d253b05e41f28637b65baf64be4
7
reference_url https://github.com/tensorflow/tensorflow/commit/f19be71717c497723ba0cea0379e84f061a75e01
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/f19be71717c497723ba0cea0379e84f061a75e01
8
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-98p5-x8x4-c9m5
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-98p5-x8x4-c9m5
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23559
reference_id CVE-2022-23559
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23559
10
reference_url https://github.com/advisories/GHSA-98p5-x8x4-c9m5
reference_id GHSA-98p5-x8x4-c9m5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-98p5-x8x4-c9m5
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23559, GHSA-98p5-x8x4-c9m5, PYSEC-2022-123, PYSEC-2022-68
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f3cx-k63z-7qde
42
url VCID-fa9v-1a1j-5ydf
vulnerability_id VCID-fa9v-1a1j-5ydf
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41220
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.06407
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41220
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-629.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-629.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-827.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-827.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-412.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-412.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/ca38dab9d3ee66c5de06f11af9a4b1200da5ef75
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/ca38dab9d3ee66c5de06f11af9a4b1200da5ef75
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gpfh-jvf9-7wg5
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gpfh-jvf9-7wg5
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41220
reference_id CVE-2021-41220
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41220
9
reference_url https://github.com/advisories/GHSA-gpfh-jvf9-7wg5
reference_id GHSA-gpfh-jvf9-7wg5
reference_type
scores
url https://github.com/advisories/GHSA-gpfh-jvf9-7wg5
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41220, GHSA-gpfh-jvf9-7wg5, PYSEC-2021-412, PYSEC-2021-629, PYSEC-2021-827
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fa9v-1a1j-5ydf
43
url VCID-fggx-3rzd-8kf5
vulnerability_id VCID-fggx-3rzd-8kf5
summary Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling `png::CommonInitDecode(..., &decode)`, the `decode` value contains allocated buffers which can only be freed by calling `png::CommonFreeDecode(&decode)`. However, several error case in the function implementation invoke the `OP_REQUIRES` macro which immediately terminates the execution of the function, without allowing for the memory free to occur. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23585
reference_id
reference_type
scores
0
value 0.00656
scoring_system epss
scoring_elements 0.71345
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23585
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-94.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-94.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-149.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-149.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/image/decode_image_op.cc#L322-L416
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/image/decode_image_op.cc#L322-L416
5
reference_url https://github.com/tensorflow/tensorflow/commit/ab51e5b813573dc9f51efa335aebcf2994125ee9
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/ab51e5b813573dc9f51efa335aebcf2994125ee9
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq6p-6334-8gr4
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq6p-6334-8gr4
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23585
reference_id CVE-2022-23585
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23585
8
reference_url https://github.com/advisories/GHSA-fq6p-6334-8gr4
reference_id GHSA-fq6p-6334-8gr4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fq6p-6334-8gr4
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23585, GHSA-fq6p-6334-8gr4, PYSEC-2022-149, PYSEC-2022-94
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fggx-3rzd-8kf5
44
url VCID-g144-4yvx-xybr
vulnerability_id VCID-g144-4yvx-xybr
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41202
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.11432
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41202
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-612.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-612.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-810.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-810.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-395.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-395.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/1b0e0ec27e7895b9985076eab32445026ae5ca94
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/1b0e0ec27e7895b9985076eab32445026ae5ca94
6
reference_url https://github.com/tensorflow/tensorflow/commit/6d94002a09711d297dbba90390d5482b76113899
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/6d94002a09711d297dbba90390d5482b76113899
7
reference_url https://github.com/tensorflow/tensorflow/issues/46889
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/issues/46889
8
reference_url https://github.com/tensorflow/tensorflow/issues/46912
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/issues/46912
9
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xrqm-fpgr-6hhx
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xrqm-fpgr-6hhx
10
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41202
reference_id CVE-2021-41202
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41202
12
reference_url https://github.com/advisories/GHSA-xrqm-fpgr-6hhx
reference_id GHSA-xrqm-fpgr-6hhx
reference_type
scores
url https://github.com/advisories/GHSA-xrqm-fpgr-6hhx
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41202, GHSA-xrqm-fpgr-6hhx, PYSEC-2021-395, PYSEC-2021-612, PYSEC-2021-810
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g144-4yvx-xybr
45
url VCID-g423-bnfj-kybz
vulnerability_id VCID-g423-bnfj-kybz
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41224
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05349
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41224
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-633.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-633.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-831.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-831.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-416.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-416.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/67bfd9feeecfb3c61d80f0e46d89c170fbee682b
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/67bfd9feeecfb3c61d80f0e46d89c170fbee682b
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rg3m-hqc5-344v
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rg3m-hqc5-344v
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41224
reference_id CVE-2021-41224
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41224
9
reference_url https://github.com/advisories/GHSA-rg3m-hqc5-344v
reference_id GHSA-rg3m-hqc5-344v
reference_type
scores
url https://github.com/advisories/GHSA-rg3m-hqc5-344v
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41224, GHSA-rg3m-hqc5-344v, PYSEC-2021-416, PYSEC-2021-633, PYSEC-2021-831
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g423-bnfj-kybz
46
url VCID-g8er-52ns-j7b1
vulnerability_id VCID-g8er-52ns-j7b1
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ReverseSequence` does not fully validate the value of `batch_dim` and can result in a heap OOB read. There is a check to make sure the value of `batch_dim` does not go over the rank of the input, but there is no check for negative values. Negative dimensions are allowed in some cases to mimic Python's negative indexing (i.e., indexing from the end of the array), however if the value is too negative then the implementation of `Dim` would access elements before the start of an array. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21728
reference_id
reference_type
scores
0
value 0.01078
scoring_system epss
scoring_elements 0.78127
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21728
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-52.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-52.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-107.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-107.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/framework/shape_inference.h#L415-L428
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/framework/shape_inference.h#L415-L428
5
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/ops/array_ops.cc#L1636-L1671
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/ops/array_ops.cc#L1636-L1671
6
reference_url https://github.com/tensorflow/tensorflow/commit/37c01fb5e25c3d80213060460196406c43d31995
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/37c01fb5e25c3d80213060460196406c43d31995
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6gmv-pjp9-p8w8
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6gmv-pjp9-p8w8
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21728
reference_id CVE-2022-21728
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21728
9
reference_url https://github.com/advisories/GHSA-6gmv-pjp9-p8w8
reference_id GHSA-6gmv-pjp9-p8w8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6gmv-pjp9-p8w8
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21728, GHSA-6gmv-pjp9-p8w8, PYSEC-2022-107, PYSEC-2022-52
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g8er-52ns-j7b1
47
url VCID-g8ts-ghhv-33e3
vulnerability_id VCID-g8ts-ghhv-33e3
summary Tensorflow is an Open Source Machine Learning Framework. During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23580
reference_id
reference_type
scores
0
value 0.00301
scoring_system epss
scoring_elements 0.5366
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23580
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-89.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-89.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-144.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-144.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.cc#L788-L790
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.cc#L788-L790
5
reference_url https://github.com/tensorflow/tensorflow/commit/1361fb7e29449629e1df94d44e0427ebec8c83c7
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/1361fb7e29449629e1df94d44e0427ebec8c83c7
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-627q-g293-49q7
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-627q-g293-49q7
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23580
reference_id CVE-2022-23580
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23580
8
reference_url https://github.com/advisories/GHSA-627q-g293-49q7
reference_id GHSA-627q-g293-49q7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-627q-g293-49q7
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23580, GHSA-627q-g293-49q7, PYSEC-2022-144, PYSEC-2022-89
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g8ts-ghhv-33e3
48
url VCID-gbft-tx74-wkhf
vulnerability_id VCID-gbft-tx74-wkhf
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41210
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05349
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41210
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-619.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-619.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-817.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-817.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-402.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-402.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41210
reference_id CVE-2021-41210
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41210
9
reference_url https://github.com/advisories/GHSA-m342-ff57-4jcc
reference_id GHSA-m342-ff57-4jcc
reference_type
scores
url https://github.com/advisories/GHSA-m342-ff57-4jcc
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41210, GHSA-m342-ff57-4jcc, PYSEC-2021-402, PYSEC-2021-619, PYSEC-2021-817
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gbft-tx74-wkhf
49
url VCID-gg98-zkw8-5ben
vulnerability_id VCID-gg98-zkw8-5ben
summary Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure it is valid. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21725
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44623
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21725
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-49.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-49.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-104.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-104.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/ffa202a17ab7a4a10182b746d230ea66f021fe16/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L189-L198
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/ffa202a17ab7a4a10182b746d230ea66f021fe16/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L189-L198
5
reference_url https://github.com/tensorflow/tensorflow/commit/3218043d6d3a019756607643cf65574fbfef5d7a
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/3218043d6d3a019756607643cf65574fbfef5d7a
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v3f7-j968-4h5f
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v3f7-j968-4h5f
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21725
reference_id CVE-2022-21725
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21725
8
reference_url https://github.com/advisories/GHSA-v3f7-j968-4h5f
reference_id GHSA-v3f7-j968-4h5f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v3f7-j968-4h5f
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21725, GHSA-v3f7-j968-4h5f, PYSEC-2022-104, PYSEC-2022-49
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gg98-zkw8-5ben
50
url VCID-hujj-6vv2-u3c2
vulnerability_id VCID-hujj-6vv2-u3c2
summary Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that any binary op would trigger `CHECK` failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the `dtype` no longer matches the `dtype` expected by the op. In that case, calling the templated binary operator for the binary op would receive corrupted data, due to the type confusion involved. If `Tin` and `Tout` don't match the type of data in `out` and `input_*` tensors then `flat<*>` would interpret it wrongly. In most cases, this would be a silent failure, but we have noticed scenarios where this results in a `CHECK` crash, hence a denial of service. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23583
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52084
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23583
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-92.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-92.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-147.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-147.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/cwise_ops_common.h#L88-L137
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/cwise_ops_common.h#L88-L137
5
reference_url https://github.com/tensorflow/tensorflow/commit/a7c02f1a9bbc35473969618a09ee5f9f5d3e52d9
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/a7c02f1a9bbc35473969618a09ee5f9f5d3e52d9
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gjqc-q9g6-q2j3
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gjqc-q9g6-q2j3
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23583
reference_id CVE-2022-23583
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23583
8
reference_url https://github.com/advisories/GHSA-gjqc-q9g6-q2j3
reference_id GHSA-gjqc-q9g6-q2j3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gjqc-q9g6-q2j3
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23583, GHSA-gjqc-q9g6-q2j3, PYSEC-2022-147, PYSEC-2022-92
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hujj-6vv2-u3c2
51
url VCID-jdud-ufqp-4yg5
vulnerability_id VCID-jdud-ufqp-4yg5
summary Tensorflow is an Open Source Machine Learning Framework. The `GraphDef` format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a `GraphDef` containing a fragment such as the following can be consumed when loading a `SavedModel`. This would result in a stack overflow during execution as resolving each `NodeDef` means resolving the function itself and its nodes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23591
reference_id
reference_type
scores
0
value 0.00335
scoring_system epss
scoring_elements 0.56558
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23591
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-100.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-100.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-155.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-155.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/commit/448a16182065bd08a202d9057dd8ca541e67996c
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/448a16182065bd08a202d9057dd8ca541e67996c
5
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-247x-2f9f-5wp7
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-247x-2f9f-5wp7
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23591
reference_id CVE-2022-23591
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23591
7
reference_url https://github.com/advisories/GHSA-247x-2f9f-5wp7
reference_id GHSA-247x-2f9f-5wp7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-247x-2f9f-5wp7
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23591, GHSA-247x-2f9f-5wp7, PYSEC-2022-100, PYSEC-2022-155
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jdud-ufqp-4yg5
52
url VCID-kupu-frrt-pqen
vulnerability_id VCID-kupu-frrt-pqen
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41216
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.0578
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41216
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-625.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-625.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-823.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-823.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-408.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-408.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/ops/array_ops.cc#L121-L185
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/ops/array_ops.cc#L121-L185
6
reference_url https://github.com/tensorflow/tensorflow/commit/c79ba87153ee343401dbe9d1954d7f79e521eb14
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/c79ba87153ee343401dbe9d1954d7f79e521eb14
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3ff2-r28g-w7h9
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3ff2-r28g-w7h9
8
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41216
reference_id CVE-2021-41216
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41216
10
reference_url https://github.com/advisories/GHSA-3ff2-r28g-w7h9
reference_id GHSA-3ff2-r28g-w7h9
reference_type
scores
url https://github.com/advisories/GHSA-3ff2-r28g-w7h9
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41216, GHSA-3ff2-r28g-w7h9, PYSEC-2021-408, PYSEC-2021-625, PYSEC-2021-823
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kupu-frrt-pqen
53
url VCID-ky4u-eny7-33fy
vulnerability_id VCID-ky4u-eny7-33fy
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `UnravelIndex` is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21729
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44623
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21729
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-53.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-53.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-108.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-108.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/unravel_index_op.cc#L36-L135
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/unravel_index_op.cc#L36-L135
5
reference_url https://github.com/tensorflow/tensorflow/commit/58b34c6c8250983948b5a781b426f6aa01fd47af
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/58b34c6c8250983948b5a781b426f6aa01fd47af
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-34f9-hjfq-rr8j
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-34f9-hjfq-rr8j
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21729
reference_id CVE-2022-21729
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21729
8
reference_url https://github.com/advisories/GHSA-34f9-hjfq-rr8j
reference_id GHSA-34f9-hjfq-rr8j
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-34f9-hjfq-rr8j
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21729, GHSA-34f9-hjfq-rr8j, PYSEC-2022-108, PYSEC-2022-53
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ky4u-eny7-33fy
54
url VCID-m4na-tgrp-d7fk
vulnerability_id VCID-m4na-tgrp-d7fk
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateOutputSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number of dimensions in `output_shape.dim()` or just a small number of dimensions being large enough to cause an overflow in the multiplication. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23576
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44623
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23576
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-85.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-85.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-140.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-140.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L1598-L1617
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L1598-L1617
5
reference_url https://github.com/tensorflow/tensorflow/commit/b9bd6cfd1c50e6807846af9a86f9b83cafc9c8ae
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/b9bd6cfd1c50e6807846af9a86f9b83cafc9c8ae
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wm93-f238-7v37
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wm93-f238-7v37
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23576
reference_id CVE-2022-23576
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23576
8
reference_url https://github.com/advisories/GHSA-wm93-f238-7v37
reference_id GHSA-wm93-f238-7v37
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wm93-f238-7v37
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23576, GHSA-wm93-f238-7v37, PYSEC-2022-140, PYSEC-2022-85
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4na-tgrp-d7fk
55
url VCID-mtqg-yga8-eqeu
vulnerability_id VCID-mtqg-yga8-eqeu
summary Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `IsSimplifiableReshape` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23581
reference_id
reference_type
scores
0
value 0.00476
scoring_system epss
scoring_elements 0.65178
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23581
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-90.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-90.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-145.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-145.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1687-L1742
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1687-L1742
5
reference_url https://github.com/tensorflow/tensorflow/commit/1fb27733f943295d874417630edd3b38b34ce082
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/1fb27733f943295d874417630edd3b38b34ce082
6
reference_url https://github.com/tensorflow/tensorflow/commit/240655511cd3e701155f944a972db71b6c0b1bb6
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/240655511cd3e701155f944a972db71b6c0b1bb6
7
reference_url https://github.com/tensorflow/tensorflow/commit/ebc1a2ffe5a7573d905e99bd0ee3568ee07c12c1
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/ebc1a2ffe5a7573d905e99bd0ee3568ee07c12c1
8
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq86-3f29-px2c
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq86-3f29-px2c
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23581
reference_id CVE-2022-23581
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23581
10
reference_url https://github.com/advisories/GHSA-fq86-3f29-px2c
reference_id GHSA-fq86-3f29-px2c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fq86-3f29-px2c
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23581, GHSA-fq86-3f29-px2c, PYSEC-2022-145, PYSEC-2022-90
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mtqg-yga8-eqeu
56
url VCID-myjm-gbbc-qucg
vulnerability_id VCID-myjm-gbbc-qucg
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41203
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05388
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41203
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-613.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-613.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-811.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-811.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-396.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-396.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/368af875869a204b4ac552b9ddda59f6a46a56ec
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/368af875869a204b4ac552b9ddda59f6a46a56ec
6
reference_url https://github.com/tensorflow/tensorflow/commit/abcced051cb1bd8fb05046ac3b6023a7ebcc4578
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/abcced051cb1bd8fb05046ac3b6023a7ebcc4578
7
reference_url https://github.com/tensorflow/tensorflow/commit/b619c6f865715ca3b15ef1842b5b95edbaa710ad
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/b619c6f865715ca3b15ef1842b5b95edbaa710ad
8
reference_url https://github.com/tensorflow/tensorflow/commit/e8dc63704c88007ee4713076605c90188d66f3d2
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/e8dc63704c88007ee4713076605c90188d66f3d2
9
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2
10
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41203
reference_id CVE-2021-41203
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41203
12
reference_url https://github.com/advisories/GHSA-7pxj-m4jf-r6h2
reference_id GHSA-7pxj-m4jf-r6h2
reference_type
scores
url https://github.com/advisories/GHSA-7pxj-m4jf-r6h2
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41203, GHSA-7pxj-m4jf-r6h2, PYSEC-2021-396, PYSEC-2021-613, PYSEC-2021-811
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-myjm-gbbc-qucg
57
url VCID-n62z-1akp-ebck
vulnerability_id VCID-n62z-1akp-ebck
summary Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After `png::CommonFreeDecode(&decode)` gets called, the values of `decode.width` and `decode.height` are in an unspecified state. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23584
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.4871
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23584
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-93.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-93.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-148.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-148.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/image/decode_image_op.cc#L339-L346
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/image/decode_image_op.cc#L339-L346
5
reference_url https://github.com/tensorflow/tensorflow/commit/e746adbfcfee15e9cfdb391ff746c765b99bdf9b
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/e746adbfcfee15e9cfdb391ff746c765b99bdf9b
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-24x4-6qmh-88qg
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-24x4-6qmh-88qg
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23584
reference_id CVE-2022-23584
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23584
8
reference_url https://github.com/advisories/GHSA-24x4-6qmh-88qg
reference_id GHSA-24x4-6qmh-88qg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-24x4-6qmh-88qg
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23584, GHSA-24x4-6qmh-88qg, PYSEC-2022-148, PYSEC-2022-93
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n62z-1akp-ebck
58
url VCID-nfr9-fgdn-4kh8
vulnerability_id VCID-nfr9-fgdn-4kh8
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41222
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04734
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41222
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-631.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-631.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-829.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-829.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-414.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-414.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41222
reference_id CVE-2021-41222
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41222
9
reference_url https://github.com/advisories/GHSA-cpf4-wx82-gxp6
reference_id GHSA-cpf4-wx82-gxp6
reference_type
scores
url https://github.com/advisories/GHSA-cpf4-wx82-gxp6
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41222, GHSA-cpf4-wx82-gxp6, PYSEC-2021-414, PYSEC-2021-631, PYSEC-2021-829
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nfr9-fgdn-4kh8
59
url VCID-ngkq-s26c-qkfj
vulnerability_id VCID-ngkq-s26c-qkfj
summary Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for the same malicious alteration of a `SavedModel` file (fixing the first one would trigger the same dereference in the second place). First, during constant folding, the `GraphDef` might not have the required nodes for the binary operation. If a node is missing, the correposning `mul_*child` would be null, and the dereference in the subsequent line would be incorrect. We have a similar issue during `IsIdentityConsumingSwitch`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23589
reference_id
reference_type
scores
0
value 0.00301
scoring_system epss
scoring_elements 0.53639
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23589
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-98.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-98.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-153.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-153.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/mutable_graph_view.cc#L59-L74
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/mutable_graph_view.cc#L59-L74
5
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L3466-L3497
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L3466-L3497
6
reference_url https://github.com/tensorflow/tensorflow/commit/045deec1cbdebb27d817008ad5df94d96a08b1bf
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/045deec1cbdebb27d817008ad5df94d96a08b1bf
7
reference_url https://github.com/tensorflow/tensorflow/commit/0a365c029e437be0349c31f8d4c9926b69fa3fa1
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/0a365c029e437be0349c31f8d4c9926b69fa3fa1
8
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9px9-73fg-3fqp
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9px9-73fg-3fqp
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23589
reference_id CVE-2022-23589
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23589
10
reference_url https://github.com/advisories/GHSA-9px9-73fg-3fqp
reference_id GHSA-9px9-73fg-3fqp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9px9-73fg-3fqp
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23589, GHSA-9px9-73fg-3fqp, PYSEC-2022-153, PYSEC-2022-98
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ngkq-s26c-qkfj
60
url VCID-pe9p-a7nn-8bhj
vulnerability_id VCID-pe9p-a7nn-8bhj
summary Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that `TensorByteSize` would trigger `CHECK` failures. `TensorShape` constructor throws a `CHECK`-fail if shape is partial or has a number of elements that would overflow the size of an `int`. The `PartialTensorShape` constructor instead does not cause a `CHECK`-abort if the shape is partial, which is exactly what this function needs to be able to return `-1`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23582
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44623
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23582
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-91.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-91.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-146.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-146.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/attr_value_util.cc#L46-L50
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/attr_value_util.cc#L46-L50
5
reference_url https://github.com/tensorflow/tensorflow/commit/c2426bba00a01de6913738df8fa78e0215fcce02
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/c2426bba00a01de6913738df8fa78e0215fcce02
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4j82-5ccr-4r8v
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4j82-5ccr-4r8v
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23582
reference_id CVE-2022-23582
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23582
8
reference_url https://github.com/advisories/GHSA-4j82-5ccr-4r8v
reference_id GHSA-4j82-5ccr-4r8v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4j82-5ccr-4r8v
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23582, GHSA-4j82-5ccr-4r8v, PYSEC-2022-146, PYSEC-2022-91
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pe9p-a7nn-8bhj
61
url VCID-q4zv-syab-bbh8
vulnerability_id VCID-q4zv-syab-bbh8
summary Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in `TfLiteIntArrayCreate`. The `TfLiteIntArrayGetSizeInBytes` returns an `int` instead of a `size_t. An attacker can control model inputs such that `computed_size` overflows the size of `int` datatype. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23558
reference_id
reference_type
scores
0
value 0.0039
scoring_system epss
scoring_elements 0.6033
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23558
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-67.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-67.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-122.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-122.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/c/common.c#L24-L33
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/c/common.c#L24-L33
5
reference_url https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/c/common.c#L53-L60
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/c/common.c#L53-L60
6
reference_url https://github.com/tensorflow/tensorflow/commit/a1e1511dde36b3f8aa27a6ec630838e7ea40e091
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/a1e1511dde36b3f8aa27a6ec630838e7ea40e091
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9gwq-6cwj-47h3
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9gwq-6cwj-47h3
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23558
reference_id CVE-2022-23558
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23558
9
reference_url https://github.com/advisories/GHSA-9gwq-6cwj-47h3
reference_id GHSA-9gwq-6cwj-47h3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9gwq-6cwj-47h3
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23558, GHSA-9gwq-6cwj-47h3, PYSEC-2022-122, PYSEC-2022-67
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q4zv-syab-bbh8
62
url VCID-qdnt-cg25-5kdx
vulnerability_id VCID-qdnt-cg25-5kdx
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41197
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.06691
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41197
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-607.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-607.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-805.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-805.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-390.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-390.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/7c1692bd417eb4f9b33ead749a41166d6080af85
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/7c1692bd417eb4f9b33ead749a41166d6080af85
6
reference_url https://github.com/tensorflow/tensorflow/commit/a871989d7b6c18cdebf2fb4f0e5c5b62fbc19edf
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/a871989d7b6c18cdebf2fb4f0e5c5b62fbc19edf
7
reference_url https://github.com/tensorflow/tensorflow/commit/d81b1351da3e8c884ff836b64458d94e4a157c15
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/d81b1351da3e8c884ff836b64458d94e4a157c15
8
reference_url https://github.com/tensorflow/tensorflow/issues/46890
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/issues/46890
9
reference_url https://github.com/tensorflow/tensorflow/issues/51908
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/issues/51908
10
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-prcg-wp5q-rv7p
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-prcg-wp5q-rv7p
11
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41197
reference_id CVE-2021-41197
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41197
13
reference_url https://github.com/advisories/GHSA-prcg-wp5q-rv7p
reference_id GHSA-prcg-wp5q-rv7p
reference_type
scores
url https://github.com/advisories/GHSA-prcg-wp5q-rv7p
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41197, GHSA-prcg-wp5q-rv7p, PYSEC-2021-390, PYSEC-2021-607, PYSEC-2021-805
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qdnt-cg25-5kdx
63
url VCID-qgr6-bqrc-puhs
vulnerability_id VCID-qgr6-bqrc-puhs
summary Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. Users are advised to upgrade as soon as possible.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23560
reference_id
reference_type
scores
0
value 0.00296
scoring_system epss
scoring_elements 0.53147
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23560
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-69.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-69.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-124.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-124.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/kernels/internal/utils/sparsity_format_converter.cc#L252-L293
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/kernels/internal/utils/sparsity_format_converter.cc#L252-L293
5
reference_url https://github.com/tensorflow/tensorflow/commit/6364463d6f5b6254cac3d6aedf999b6a96225038
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/6364463d6f5b6254cac3d6aedf999b6a96225038
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4hvf-hxvg-f67v
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4hvf-hxvg-f67v
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23560
reference_id CVE-2022-23560
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23560
8
reference_url https://github.com/advisories/GHSA-4hvf-hxvg-f67v
reference_id GHSA-4hvf-hxvg-f67v
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4hvf-hxvg-f67v
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23560, GHSA-4hvf-hxvg-f67v, PYSEC-2022-124, PYSEC-2022-69
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qgr6-bqrc-puhs
64
url VCID-qvnc-gzf6-y3f3
vulnerability_id VCID-qvnc-gzf6-y3f3
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41196
reference_id
reference_type
scores
0
value 0.00049
scoring_system epss
scoring_elements 0.15532
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41196
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-606.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-606.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-804.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-804.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-389.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-389.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/12b1ff82b3f26ff8de17e58703231d5a02ef1b8b
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/12b1ff82b3f26ff8de17e58703231d5a02ef1b8b
6
reference_url https://github.com/tensorflow/tensorflow/issues/51936
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/issues/51936
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8
8
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41196
reference_id CVE-2021-41196
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41196
10
reference_url https://github.com/advisories/GHSA-m539-j985-hcr8
reference_id GHSA-m539-j985-hcr8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m539-j985-hcr8
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41196, GHSA-m539-j985-hcr8, PYSEC-2021-389, PYSEC-2021-606, PYSEC-2021-804
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qvnc-gzf6-y3f3
65
url VCID-qxqd-f1bw-y7h4
vulnerability_id VCID-qxqd-f1bw-y7h4
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `ThreadPoolHandle` can be used to trigger a denial of service attack by allocating too much memory. This is because the `num_threads` argument is only checked to not be negative, but there is no upper bound on its value. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21732
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44623
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21732
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-56.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-56.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-111.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-111.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/data/experimental/threadpool_dataset_op.cc#L79-L135
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/data/experimental/threadpool_dataset_op.cc#L79-L135
5
reference_url https://github.com/tensorflow/tensorflow/commit/e3749a6d5d1e8d11806d4a2e9cc3123d1a90b75e
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/e3749a6d5d1e8d11806d4a2e9cc3123d1a90b75e
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c582-c96p-r5cq
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c582-c96p-r5cq
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21732
reference_id CVE-2022-21732
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21732
8
reference_url https://github.com/advisories/GHSA-c582-c96p-r5cq
reference_id GHSA-c582-c96p-r5cq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c582-c96p-r5cq
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21732, GHSA-c582-c96p-r5cq, PYSEC-2022-111, PYSEC-2022-56
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxqd-f1bw-y7h4
66
url VCID-rkx2-5nyj-bbhu
vulnerability_id VCID-rkx2-5nyj-bbhu
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41218
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04734
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41218
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-627.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-627.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-825.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-825.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-410.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-410.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/a8ad3e5e79c75f36edb81e0ba3f3c0c5442aeddc
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/a8ad3e5e79c75f36edb81e0ba3f3c0c5442aeddc
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9crf-c6qr-r273
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9crf-c6qr-r273
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41218
reference_id CVE-2021-41218
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41218
9
reference_url https://github.com/advisories/GHSA-9crf-c6qr-r273
reference_id GHSA-9crf-c6qr-r273
reference_type
scores
url https://github.com/advisories/GHSA-9crf-c6qr-r273
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41218, GHSA-9crf-c6qr-r273, PYSEC-2021-410, PYSEC-2021-627, PYSEC-2021-825
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rkx2-5nyj-bbhu
67
url VCID-rr2a-8jrx-6ue8
vulnerability_id VCID-rr2a-8jrx-6ue8
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41213
reference_id
reference_type
scores
0
value 0.00043
scoring_system epss
scoring_elements 0.13618
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41213
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-622.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-622.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-820.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-820.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-405.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-405.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41213
reference_id CVE-2021-41213
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41213
9
reference_url https://github.com/advisories/GHSA-h67m-xg8f-fxcf
reference_id GHSA-h67m-xg8f-fxcf
reference_type
scores
url https://github.com/advisories/GHSA-h67m-xg8f-fxcf
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41213, GHSA-h67m-xg8f-fxcf, PYSEC-2021-405, PYSEC-2021-622, PYSEC-2021-820
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rr2a-8jrx-6ue8
68
url VCID-rsau-jvcr-uudd
vulnerability_id VCID-rsau-jvcr-uudd
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseTensorSliceDataset` has an undefined behavior: under certain condition it can be made to dereference a `nullptr` value. The 3 input arguments to `SparseTensorSliceDataset` represent a sparse tensor. However, there are some preconditions that these arguments must satisfy but these are not validated in the implementation. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21736
reference_id
reference_type
scores
0
value 0.00331
scoring_system epss
scoring_elements 0.56243
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21736
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-60.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-60.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-115.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-115.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L227-L292
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L227-L292
5
reference_url https://github.com/tensorflow/tensorflow/commit/965b97e4a9650495cda5a8c210ef6684b4b9eceb
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/965b97e4a9650495cda5a8c210ef6684b4b9eceb
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pfjj-m3jj-9jc9
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pfjj-m3jj-9jc9
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21736
reference_id CVE-2022-21736
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21736
8
reference_url https://github.com/advisories/GHSA-pfjj-m3jj-9jc9
reference_id GHSA-pfjj-m3jj-9jc9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pfjj-m3jj-9jc9
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21736, GHSA-pfjj-m3jj-9jc9, PYSEC-2022-115, PYSEC-2022-60
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsau-jvcr-uudd
69
url VCID-rt4b-xxm6-xubs
vulnerability_id VCID-rt4b-xxm6-xubs
summary Tensorflow is an Open Source Machine Learning Framework. A `GraphDef` from a TensorFlow `SavedModel` can be maliciously altered to cause a TensorFlow process to crash due to encountering a `StatusOr` value that is an error and forcibly extracting the value from it. We have patched the issue in multiple GitHub commits and these will be included in TensorFlow 2.8.0 and TensorFlow 2.7.1, as both are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23590
reference_id
reference_type
scores
0
value 0.00239
scoring_system epss
scoring_elements 0.47086
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23590
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-99.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-99.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-154.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-154.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L560-L567
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L560-L567
5
reference_url https://github.com/tensorflow/tensorflow/commit/955059813cc325dc1db5e2daa6221271406d4439
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/955059813cc325dc1db5e2daa6221271406d4439
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pqrv-8r2f-7278
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pqrv-8r2f-7278
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23590
reference_id CVE-2022-23590
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23590
8
reference_url https://github.com/advisories/GHSA-pqrv-8r2f-7278
reference_id GHSA-pqrv-8r2f-7278
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pqrv-8r2f-7278
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23590, GHSA-pqrv-8r2f-7278, PYSEC-2022-154, PYSEC-2022-99
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rt4b-xxm6-xubs
70
url VCID-rujq-67w1-u3g7
vulnerability_id VCID-rujq-67w1-u3g7
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41225
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.05281
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41225
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-634.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-634.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-832.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-832.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-417.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-417.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41225
reference_id CVE-2021-41225
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41225
9
reference_url https://github.com/advisories/GHSA-7r94-xv9v-63jw
reference_id GHSA-7r94-xv9v-63jw
reference_type
scores
url https://github.com/advisories/GHSA-7r94-xv9v-63jw
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41225, GHSA-7r94-xv9v-63jw, PYSEC-2021-417, PYSEC-2021-634, PYSEC-2021-832
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rujq-67w1-u3g7
71
url VCID-sb7m-pngm-5fbj
vulnerability_id VCID-sb7m-pngm-5fbj
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41215
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04734
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41215
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-624.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-624.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-822.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-822.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-407.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-407.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41215
reference_id CVE-2021-41215
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41215
9
reference_url https://github.com/advisories/GHSA-x3v8-c8qx-3j3r
reference_id GHSA-x3v8-c8qx-3j3r
reference_type
scores
url https://github.com/advisories/GHSA-x3v8-c8qx-3j3r
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41215, GHSA-x3v8-c8qx-3j3r, PYSEC-2021-407, PYSEC-2021-624, PYSEC-2021-822
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sb7m-pngm-5fbj
72
url VCID-sf59-u7jt-4bd5
vulnerability_id VCID-sf59-u7jt-4bd5
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41206
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01184
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41206
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-845.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-845.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-847.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-847.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-843.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-843.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4
6
reference_url https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07
7
reference_url https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d
8
reference_url https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a
9
reference_url https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261
10
reference_url https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904
11
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69
12
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41206
reference_id CVE-2021-41206
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41206
14
reference_url https://github.com/advisories/GHSA-pgcq-h79j-2f69
reference_id GHSA-pgcq-h79j-2f69
reference_type
scores
url https://github.com/advisories/GHSA-pgcq-h79j-2f69
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
aliases CVE-2021-41206, GHSA-pgcq-h79j-2f69, PYSEC-2021-843, PYSEC-2021-845, PYSEC-2021-847
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sf59-u7jt-4bd5
73
url VCID-ugta-nt2s-27fk
vulnerability_id VCID-ugta-nt2s-27fk
summary Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the `DCHECK` function however, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the `ValueOrDie` line. This results in an assertion failure as `ret` contains an error `Status`, not a value. In the second case we also get a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23572
reference_id
reference_type
scores
0
value 0.00507
scoring_system epss
scoring_elements 0.66571
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23572
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-81.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-81.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-136.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-136.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.cc#L168-L174
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.cc#L168-L174
5
reference_url https://github.com/tensorflow/tensorflow/commit/cb164786dc891ea11d3a900e90367c339305dc7b
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/cb164786dc891ea11d3a900e90367c339305dc7b
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rww7-2gpw-fv6j
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rww7-2gpw-fv6j
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23572
reference_id CVE-2022-23572
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23572
8
reference_url https://github.com/advisories/GHSA-rww7-2gpw-fv6j
reference_id GHSA-rww7-2gpw-fv6j
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rww7-2gpw-fv6j
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23572, GHSA-rww7-2gpw-fv6j, PYSEC-2022-136, PYSEC-2022-81
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ugta-nt2s-27fk
74
url VCID-v2nf-1526-nkbp
vulnerability_id VCID-v2nf-1526-nkbp
summary Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a `SavedModel` on disk such that `AttrDef`s of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23565
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.30304
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23565
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-74.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-74.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-129.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-129.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/commit/c2b31ff2d3151acb230edc3f5b1832d2c713a9e0
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/c2b31ff2d3151acb230edc3f5b1832d2c713a9e0
5
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4v5p-v5h9-6xjx
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4v5p-v5h9-6xjx
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23565
reference_id CVE-2022-23565
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23565
7
reference_url https://github.com/advisories/GHSA-4v5p-v5h9-6xjx
reference_id GHSA-4v5p-v5h9-6xjx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4v5p-v5h9-6xjx
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23565, GHSA-4v5p-v5h9-6xjx, PYSEC-2022-129, PYSEC-2022-74
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v2nf-1526-nkbp
75
url VCID-vfgz-fss4-wbgu
vulnerability_id VCID-vfgz-fss4-wbgu
summary Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's `SpecializeType` which results in heap OOB read/write. Due to a typo, `arg` is initialized to the `i`th mutable argument in a loop where the loop index is `j`. Hence it is possible to assign to `arg` from outside the vector of arguments. Since this is a mutable proto value, it allows both read and write to outside of bounds data. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23574
reference_id
reference_type
scores
0
value 0.00296
scoring_system epss
scoring_elements 0.53147
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23574
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-83.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-83.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-138.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-138.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/full_type_util.cc#L81-L102
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/full_type_util.cc#L81-L102
5
reference_url https://github.com/tensorflow/tensorflow/commit/0657c83d08845cc434175934c642299de2c0f042
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/0657c83d08845cc434175934c642299de2c0f042
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-77gp-3h4r-6428
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-77gp-3h4r-6428
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23574
reference_id CVE-2022-23574
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23574
8
reference_url https://github.com/advisories/GHSA-77gp-3h4r-6428
reference_id GHSA-77gp-3h4r-6428
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-77gp-3h4r-6428
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23574, GHSA-77gp-3h4r-6428, PYSEC-2022-138, PYSEC-2022-83
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vfgz-fss4-wbgu
76
url VCID-vgv7-xc3c-1fb3
vulnerability_id VCID-vgv7-xc3c-1fb3
summary Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23564
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.30304
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23564
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-73.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-73.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-128.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-128.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/commit/14fea662350e7c26eb5fe1be2ac31704e5682ee6
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/14fea662350e7c26eb5fe1be2ac31704e5682ee6
5
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8rcj-c8pj-v3m3
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8rcj-c8pj-v3m3
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23564
reference_id CVE-2022-23564
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23564
7
reference_url https://github.com/advisories/GHSA-8rcj-c8pj-v3m3
reference_id GHSA-8rcj-c8pj-v3m3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8rcj-c8pj-v3m3
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23564, GHSA-8rcj-c8pj-v3m3, PYSEC-2022-128, PYSEC-2022-73
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vgv7-xc3c-1fb3
77
url VCID-vnn5-y8ez-rub9
vulnerability_id VCID-vnn5-y8ez-rub9
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `AddManySparseToTensorsMap` is vulnerable to an integer overflow which results in a `CHECK`-fail when building new `TensorShape` objects (so, an assert failure based denial of service). We are missing some validation on the shapes of the input tensors as well as directly constructing a large `TensorShape` with user-provided dimensions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23568
reference_id
reference_type
scores
0
value 0.00303
scoring_system epss
scoring_elements 0.53888
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23568
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-77.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-77.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-132.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-132.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/sparse_tensors_map_ops.cc
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/sparse_tensors_map_ops.cc
5
reference_url https://github.com/tensorflow/tensorflow/commit/a68f68061e263a88321c104a6c911fe5598050a8
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/a68f68061e263a88321c104a6c911fe5598050a8
6
reference_url https://github.com/tensorflow/tensorflow/commit/b51b82fe65ebace4475e3c54eb089c18a4403f1c
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/b51b82fe65ebace4475e3c54eb089c18a4403f1c
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6445-fm66-fvq2
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6445-fm66-fvq2
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23568
reference_id CVE-2022-23568
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23568
9
reference_url https://github.com/advisories/GHSA-6445-fm66-fvq2
reference_id GHSA-6445-fm66-fvq2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6445-fm66-fvq2
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23568, GHSA-6445-fm66-fvq2, PYSEC-2022-132, PYSEC-2022-77
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vnn5-y8ez-rub9
78
url VCID-vpyd-he5n-b3a4
vulnerability_id VCID-vpyd-he5n-b3a4
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `QuantizedMaxPool` has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21739
reference_id
reference_type
scores
0
value 0.00221
scoring_system epss
scoring_elements 0.44697
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21739
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-63.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-63.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-118.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-118.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/quantized_pooling_ops.cc#L114-L130
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/quantized_pooling_ops.cc#L114-L130
5
reference_url https://github.com/tensorflow/tensorflow/commit/53b0dd6dc5957652f35964af16b892ec9af4a559
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/53b0dd6dc5957652f35964af16b892ec9af4a559
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3mw4-6rj6-74g5
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3mw4-6rj6-74g5
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21739
reference_id CVE-2022-21739
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21739
8
reference_url https://github.com/advisories/GHSA-3mw4-6rj6-74g5
reference_id GHSA-3mw4-6rj6-74g5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3mw4-6rj6-74g5
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21739, GHSA-3mw4-6rj6-74g5, PYSEC-2022-118, PYSEC-2022-63
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vpyd-he5n-b3a4
79
url VCID-vqxg-mnz4-13cg
vulnerability_id VCID-vqxg-mnz4-13cg
summary Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a `DCHECK`. However, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the dereferencing of the null pointer, whereas in the second case it results in a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23570
reference_id
reference_type
scores
0
value 0.00509
scoring_system epss
scoring_elements 0.66643
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23570
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-79.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-79.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-134.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-134.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/full_type_util.cc#L104-L106
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/full_type_util.cc#L104-L106
5
reference_url https://github.com/tensorflow/tensorflow/commit/8a513cec4bec15961fbfdedcaa5376522980455c
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/8a513cec4bec15961fbfdedcaa5376522980455c
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9p77-mmrw-69c7
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9p77-mmrw-69c7
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23570
reference_id CVE-2022-23570
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23570
8
reference_url https://github.com/advisories/GHSA-9p77-mmrw-69c7
reference_id GHSA-9p77-mmrw-69c7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9p77-mmrw-69c7
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23570, GHSA-9p77-mmrw-69c7, PYSEC-2022-134, PYSEC-2022-79
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vqxg-mnz4-13cg
80
url VCID-w2ns-kqmv-xfan
vulnerability_id VCID-w2ns-kqmv-xfan
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41208
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01882
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41208
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-617.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-617.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-815.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-815.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-400.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-400.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/5c8c9a8bfe750f9743d0c859bae112060b216f5c
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/5c8c9a8bfe750f9743d0c859bae112060b216f5c
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88
reference_id
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41208
reference_id CVE-2021-41208
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41208
9
reference_url https://github.com/advisories/GHSA-57wx-m983-2f88
reference_id GHSA-57wx-m983-2f88
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-57wx-m983-2f88
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41208, GHSA-57wx-m983-2f88, PYSEC-2021-400, PYSEC-2021-617, PYSEC-2021-815
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w2ns-kqmv-xfan
81
url VCID-x2t2-4sa6-qygs
vulnerability_id VCID-x2t2-4sa6-qygs
summary Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the linked list used by the memory allocator. This can be leveraged for an arbitrary write primitive under certain conditions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23561
reference_id
reference_type
scores
0
value 0.00175
scoring_system epss
scoring_elements 0.38678
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23561
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-70.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-70.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-125.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-125.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/commit/6c0b2b70eeee588591680f5b7d5d38175fd7cdf6
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/6c0b2b70eeee588591680f5b7d5d38175fd7cdf6
5
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c78-vcq7-7vxq
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c78-vcq7-7vxq
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23561
reference_id CVE-2022-23561
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23561
7
reference_url https://github.com/advisories/GHSA-9c78-vcq7-7vxq
reference_id GHSA-9c78-vcq7-7vxq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9c78-vcq7-7vxq
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23561, GHSA-9c78-vcq7-7vxq, PYSEC-2022-125, PYSEC-2022-70
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x2t2-4sa6-qygs
82
url VCID-x5x3-2cyz-xbhe
vulnerability_id VCID-x5x3-2cyz-xbhe
summary Tensorflow is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of `ImmutableExecutorState::Initialize`. Here, we set `item->kernel` to `nullptr` but it is a simple `OpKernel*` pointer so the memory that was previously allocated to it would leak. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23578
reference_id
reference_type
scores
0
value 0.002
scoring_system epss
scoring_elements 0.4199
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23578
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-87.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-87.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-142.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-142.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/common_runtime/immutable_executor_state.cc#L84-L262
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/common_runtime/immutable_executor_state.cc#L84-L262
5
reference_url https://github.com/tensorflow/tensorflow/commit/c79ccba517dbb1a0ccb9b01ee3bd2a63748b60dd
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/c79ccba517dbb1a0ccb9b01ee3bd2a63748b60dd
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8r7c-3cm2-3h8f
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8r7c-3cm2-3h8f
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23578
reference_id CVE-2022-23578
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23578
8
reference_url https://github.com/advisories/GHSA-8r7c-3cm2-3h8f
reference_id GHSA-8r7c-3cm2-3h8f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8r7c-3cm2-3h8f
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-23578, GHSA-8r7c-3cm2-3h8f, PYSEC-2022-142, PYSEC-2022-87
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x5x3-2cyz-xbhe
83
url VCID-xbt8-r95u-sqbu
vulnerability_id VCID-xbt8-r95u-sqbu
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41201
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.06636
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41201
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-611.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-611.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-809.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-809.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-394.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-394.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/f09caa532b6e1ac8d2aa61b7832c78c5b79300c6
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/f09caa532b6e1ac8d2aa61b7832c78c5b79300c6
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j86v-p27c-73fm
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j86v-p27c-73fm
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41201
reference_id CVE-2021-41201
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41201
9
reference_url https://github.com/advisories/GHSA-j86v-p27c-73fm
reference_id GHSA-j86v-p27c-73fm
reference_type
scores
url https://github.com/advisories/GHSA-j86v-p27c-73fm
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41201, GHSA-j86v-p27c-73fm, PYSEC-2021-394, PYSEC-2021-611, PYSEC-2021-809
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xbt8-r95u-sqbu
84
url VCID-xn72-z6kg-q7bp
vulnerability_id VCID-xn72-z6kg-q7bp
summary 
Integer Overflow or Wraparound in TensorFlow
### Impact
The Grappler component of TensorFlow is vulnerable to a denial of service via `CHECK`-failure  in constant folding  for ;
    // ...
  }
```
  
The `output_prop` tensor has a shape that is controlled by user input and this can result in triggering one of the `CHECK`s in the `PartialTensorShape` constructor. This is an instance of TFSA-2021-198 .

### Patches
We have patched the issue in GitHub commit be7b286d40bc68cb0b56f702186cc4837d508058 fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

### For more information
Please consult [our security guide] for more information regarding the security model and how to contact us with issues and questions.
references
0
reference_url https://github.com/tensorflow/tensorflow/commit/be7b286d40bc68cb0b56f702186cc4837d508058
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/be7b286d40bc68cb0b56f702186cc4837d508058
1
reference_url https://github.com/advisories/GHSA-wcv5-vrvr-3rx2
reference_id GHSA-wcv5-vrvr-3rx2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wcv5-vrvr-3rx2
2
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wcv5-vrvr-3rx2
reference_id GHSA-wcv5-vrvr-3rx2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wcv5-vrvr-3rx2
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases GHSA-wcv5-vrvr-3rx2, GMS-2022-50, GMS-2022-53, GMS-2022-56
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xn72-z6kg-q7bp
85
url VCID-y7hx-h69v-wfcy
vulnerability_id VCID-y7hx-h69v-wfcy
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41212
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05349
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41212
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-621.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-621.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-819.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-819.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-404.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-404.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g
7
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41212
reference_id CVE-2021-41212
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41212
9
reference_url https://github.com/advisories/GHSA-fr77-rrx3-cp7g
reference_id GHSA-fr77-rrx3-cp7g
reference_type
scores
url https://github.com/advisories/GHSA-fr77-rrx3-cp7g
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
1
url pkg:pypi/tensorflow-cpu@2.7.0
purl pkg:pypi/tensorflow-cpu@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-1hbp-9n5x-tyda
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-39ck-bm9t-kqhs
7
vulnerability VCID-3czq-3twf-skcg
8
vulnerability VCID-3g5a-5csn-h3d9
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-466y-e26r-rka4
11
vulnerability VCID-4fcy-hbcs-cuan
12
vulnerability VCID-5tpp-sf62-zycs
13
vulnerability VCID-62er-23uz-6qgu
14
vulnerability VCID-6888-uhtp-8ub6
15
vulnerability VCID-6gnj-az99-h7b4
16
vulnerability VCID-7uu3-mfan-4ue5
17
vulnerability VCID-83pe-ztey-dbf4
18
vulnerability VCID-8zqb-tqfq-7ud7
19
vulnerability VCID-97cs-4kx3-37gm
20
vulnerability VCID-9arh-a8wj-wka6
21
vulnerability VCID-akmu-fas1-33h6
22
vulnerability VCID-axj7-aq9m-rqdu
23
vulnerability VCID-b4hf-5gqs-yfbw
24
vulnerability VCID-bn6z-c98v-n7bf
25
vulnerability VCID-ccv1-pgda-r7ba
26
vulnerability VCID-cwvm-wntu-tfck
27
vulnerability VCID-d1hw-1fdb-kfhq
28
vulnerability VCID-d3dc-su6w-s3ag
29
vulnerability VCID-egc6-6pwr-fyej
30
vulnerability VCID-en5f-xtha-cyhp
31
vulnerability VCID-ev23-kazv-nkas
32
vulnerability VCID-ev84-gxjn-6bf1
33
vulnerability VCID-exym-4mq2-rkbj
34
vulnerability VCID-eyqx-7k24-zfhq
35
vulnerability VCID-f25m-udat-n3fd
36
vulnerability VCID-f3cx-k63z-7qde
37
vulnerability VCID-ffkg-sa3q-8qfq
38
vulnerability VCID-fggx-3rzd-8kf5
39
vulnerability VCID-g5zp-g143-a3hk
40
vulnerability VCID-g7ud-1f9c-u7bn
41
vulnerability VCID-g8er-52ns-j7b1
42
vulnerability VCID-g8ts-ghhv-33e3
43
vulnerability VCID-gg98-zkw8-5ben
44
vulnerability VCID-gh9u-ufcn-6khx
45
vulnerability VCID-hujj-6vv2-u3c2
46
vulnerability VCID-jdud-ufqp-4yg5
47
vulnerability VCID-jg5r-hv3s-kuh3
48
vulnerability VCID-k3rw-xwzv-1uer
49
vulnerability VCID-ky4u-eny7-33fy
50
vulnerability VCID-m4na-tgrp-d7fk
51
vulnerability VCID-mtqg-yga8-eqeu
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-n62z-1akp-ebck
54
vulnerability VCID-ngkq-s26c-qkfj
55
vulnerability VCID-pe9p-a7nn-8bhj
56
vulnerability VCID-q4zv-syab-bbh8
57
vulnerability VCID-qgr6-bqrc-puhs
58
vulnerability VCID-qxqd-f1bw-y7h4
59
vulnerability VCID-rgug-8jmj-e7hw
60
vulnerability VCID-rsau-jvcr-uudd
61
vulnerability VCID-rt4b-xxm6-xubs
62
vulnerability VCID-s3fs-8v2b-zqem
63
vulnerability VCID-sbpr-dnvt-x7eu
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-ugta-nt2s-27fk
66
vulnerability VCID-uyv6-cmed-a7c3
67
vulnerability VCID-v2nf-1526-nkbp
68
vulnerability VCID-vfgz-fss4-wbgu
69
vulnerability VCID-vgv7-xc3c-1fb3
70
vulnerability VCID-vnn5-y8ez-rub9
71
vulnerability VCID-vpyd-he5n-b3a4
72
vulnerability VCID-vqxg-mnz4-13cg
73
vulnerability VCID-wfh9-ew6v-nyhy
74
vulnerability VCID-ww95-y388-3ben
75
vulnerability VCID-x2t2-4sa6-qygs
76
vulnerability VCID-x5x3-2cyz-xbhe
77
vulnerability VCID-xn72-z6kg-q7bp
78
vulnerability VCID-y8ed-ynrx-37af
79
vulnerability VCID-yvag-32h1-yfc5
80
vulnerability VCID-yvef-kyv2-qbea
81
vulnerability VCID-yx57-74vr-rfes
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.0
aliases CVE-2021-41212, GHSA-fr77-rrx3-cp7g, PYSEC-2021-404, PYSEC-2021-621, PYSEC-2021-819
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y7hx-h69v-wfcy
86
url VCID-y8ed-ynrx-37af
vulnerability_id VCID-y8ed-ynrx-37af
summary 
Improper Validation of Integrity Check Value in TensorFlow
The implementation of `tf.sparse.split` does not fully validate the input arguments.
references
0
reference_url https://github.com/tensorflow/tensorflow/commit/61bf91e768173b001d56923600b40d9a95a04ad5
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/61bf91e768173b001d56923600b40d9a95a04ad5
1
reference_url https://github.com/tensorflow/tensorflow/pull/53695
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/pull/53695
2
reference_url https://github.com/advisories/GHSA-43q8-3fv7-pr5x
reference_id GHSA-43q8-3fv7-pr5x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-43q8-3fv7-pr5x
3
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-43q8-3fv7-pr5x
reference_id GHSA-43q8-3fv7-pr5x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-43q8-3fv7-pr5x
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases GHSA-43q8-3fv7-pr5x, GMS-2022-48, GMS-2022-51, GMS-2022-54
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y8ed-ynrx-37af
87
url VCID-yh43-ndzp-4ue9
vulnerability_id VCID-yh43-ndzp-4ue9
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41195
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11785
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41195
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-844.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-844.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-846.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-846.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-842.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-842.yaml
4
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
5
reference_url https://github.com/tensorflow/tensorflow/commit/e9c81c1e1a9cd8dd31f4e83676cab61b60658429
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/e9c81c1e1a9cd8dd31f4e83676cab61b60658429
6
reference_url https://github.com/tensorflow/tensorflow/issues/46888
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/issues/46888
7
reference_url https://github.com/tensorflow/tensorflow/pull/51733
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/pull/51733
8
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh
9
reference_url https://security.archlinux.org/AVG-2529
reference_id AVG-2529
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2529
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41195
reference_id CVE-2021-41195
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-41195
11
reference_url https://github.com/advisories/GHSA-cq76-mxrc-vchh
reference_id GHSA-cq76-mxrc-vchh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cq76-mxrc-vchh
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.1
purl pkg:pypi/tensorflow-cpu@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11qd-d7c7-sbdm
1
vulnerability VCID-145d-k5w3-tfgz
2
vulnerability VCID-15nt-6tff-k7gb
3
vulnerability VCID-1ah5-hm7a-ykep
4
vulnerability VCID-39ck-bm9t-kqhs
5
vulnerability VCID-3czq-3twf-skcg
6
vulnerability VCID-3g5a-5csn-h3d9
7
vulnerability VCID-466y-e26r-rka4
8
vulnerability VCID-5tpp-sf62-zycs
9
vulnerability VCID-6888-uhtp-8ub6
10
vulnerability VCID-6gnj-az99-h7b4
11
vulnerability VCID-83pe-ztey-dbf4
12
vulnerability VCID-97cs-4kx3-37gm
13
vulnerability VCID-9arh-a8wj-wka6
14
vulnerability VCID-akmu-fas1-33h6
15
vulnerability VCID-axj7-aq9m-rqdu
16
vulnerability VCID-ccv1-pgda-r7ba
17
vulnerability VCID-cwvm-wntu-tfck
18
vulnerability VCID-d3dc-su6w-s3ag
19
vulnerability VCID-egc6-6pwr-fyej
20
vulnerability VCID-en5f-xtha-cyhp
21
vulnerability VCID-ev23-kazv-nkas
22
vulnerability VCID-ev84-gxjn-6bf1
23
vulnerability VCID-eyqx-7k24-zfhq
24
vulnerability VCID-f25m-udat-n3fd
25
vulnerability VCID-f3cx-k63z-7qde
26
vulnerability VCID-fggx-3rzd-8kf5
27
vulnerability VCID-g8er-52ns-j7b1
28
vulnerability VCID-g8ts-ghhv-33e3
29
vulnerability VCID-gg98-zkw8-5ben
30
vulnerability VCID-hujj-6vv2-u3c2
31
vulnerability VCID-jdud-ufqp-4yg5
32
vulnerability VCID-ky4u-eny7-33fy
33
vulnerability VCID-m4na-tgrp-d7fk
34
vulnerability VCID-mtqg-yga8-eqeu
35
vulnerability VCID-n62z-1akp-ebck
36
vulnerability VCID-ngkq-s26c-qkfj
37
vulnerability VCID-pe9p-a7nn-8bhj
38
vulnerability VCID-q4zv-syab-bbh8
39
vulnerability VCID-qgr6-bqrc-puhs
40
vulnerability VCID-qxqd-f1bw-y7h4
41
vulnerability VCID-rsau-jvcr-uudd
42
vulnerability VCID-rt4b-xxm6-xubs
43
vulnerability VCID-ugta-nt2s-27fk
44
vulnerability VCID-v2nf-1526-nkbp
45
vulnerability VCID-vfgz-fss4-wbgu
46
vulnerability VCID-vgv7-xc3c-1fb3
47
vulnerability VCID-vnn5-y8ez-rub9
48
vulnerability VCID-vpyd-he5n-b3a4
49
vulnerability VCID-vqxg-mnz4-13cg
50
vulnerability VCID-x2t2-4sa6-qygs
51
vulnerability VCID-x5x3-2cyz-xbhe
52
vulnerability VCID-yvag-32h1-yfc5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.1
aliases CVE-2021-41195, GHSA-cq76-mxrc-vchh, PYSEC-2021-842, PYSEC-2021-844, PYSEC-2021-846
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yh43-ndzp-4ue9
88
url VCID-yvag-32h1-yfc5
vulnerability_id VCID-yvag-32h1-yfc5
summary Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21740
reference_id
reference_type
scores
0
value 0.00313
scoring_system epss
scoring_elements 0.54726
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21740
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-64.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-64.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-119.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-119.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/count_ops.cc#L168-L273
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/count_ops.cc#L168-L273
5
reference_url https://github.com/tensorflow/tensorflow/commit/2b7100d6cdff36aa21010a82269bc05a6d1cc74a
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/2b7100d6cdff36aa21010a82269bc05a6d1cc74a
6
reference_url https://github.com/tensorflow/tensorflow/commit/adbbabdb0d3abb3cdeac69e38a96de1d678b24b3
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/commit/adbbabdb0d3abb3cdeac69e38a96de1d678b24b3
7
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-44qp-9wwf-734r
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-44qp-9wwf-734r
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21740
reference_id CVE-2022-21740
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21740
9
reference_url https://github.com/advisories/GHSA-44qp-9wwf-734r
reference_id GHSA-44qp-9wwf-734r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-44qp-9wwf-734r
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases CVE-2022-21740, GHSA-44qp-9wwf-734r, PYSEC-2022-119, PYSEC-2022-64
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yvag-32h1-yfc5
89
url VCID-yvef-kyv2-qbea
vulnerability_id VCID-yvef-kyv2-qbea
summary 
NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlow
### Impact 
The code for boosted trees in TensorFlow is still missing validation. This allows malicious users to read and write outside of bounds of heap allocated data as well as trigger denial of service (via dereferencing `nullptr`s or via `CHECK`-failures).

This follows after CVE-2021-41208 where these APIs were still vulnerable to multiple security issues.

**Note**: Given that the boosted trees implementation in TensorFlow is unmaintained, it is recommend to no longer use these APIs.  Instead, please use the downstream [TensorFlow Decision Forests] project which is newer and supports more features. 
  
These APIs are now deprecated in TensorFlow 2.8. We will remove TensorFlow's boosted trees APIs in subsequent releases.
  
### Patches
We have patched the known issues in multiple GitHub commits.
  
The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

This should allow users to use existing boosted trees APIs for a while until they migrate to TensorFlow Decision Forests while guaranteeing that known vulnerabilities are fixed.

### For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

### Attribution
These vulnerabilities have been reported by Yu Tian of Qihoo 360 AIVul Team and Faysal Hossain Shezan from University of Virginia. Some of the issues have been discovered internally after a careful audit of the APIs.
references
0
reference_url https://github.com/tensorflow/tensorflow/blob/e0b6e58c328059829c3eb968136f17aa72b6c876/tensorflow/core/kernels/boosted_trees/stats_ops.cc
reference_id
reference_type
scores
url https://github.com/tensorflow/tensorflow/blob/e0b6e58c328059829c3eb968136f17aa72b6c876/tensorflow/core/kernels/boosted_trees/stats_ops.cc
1
reference_url https://github.com/advisories/GHSA-h6gw-r52c-724r
reference_id GHSA-h6gw-r52c-724r
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h6gw-r52c-724r
2
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6gw-r52c-724r
reference_id GHSA-h6gw-r52c-724r
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6gw-r52c-724r
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.6.3
purl pkg:pypi/tensorflow-cpu@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rt4b-xxm6-xubs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.3
1
url pkg:pypi/tensorflow-cpu@2.7.1
purl pkg:pypi/tensorflow-cpu@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ffkg-sa3q-8qfq
1
vulnerability VCID-uyv6-cmed-a7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.1
aliases GHSA-h6gw-r52c-724r, GMS-2022-49, GMS-2022-52, GMS-2022-55
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yvef-kyv2-qbea
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.6.0