Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/tensorflow-cpu@2.7.3
Typepypi
Namespace
Nametensorflow-cpu
Version2.7.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.8.1
Latest_non_vulnerable_version2.12.1
Affected_by_vulnerabilities
0
url VCID-ffkg-sa3q-8qfq
vulnerability_id VCID-ffkg-sa3q-8qfq
summary Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a `DCHECK` (which is a no-op during production). An attacker can control the `input_idx` variable such that `ix` would be larger than the number of values in `node_t.args`. The fix will be included in TensorFlow 2.8.0. This is the only affected version.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23592
reference_id
reference_type
scores
0
value 0.00316
scoring_system epss
scoring_elements 0.54937
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23592
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-101.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-101.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-156.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-156.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L223-L229
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:19Z/
url https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L223-L229
5
reference_url https://github.com/tensorflow/tensorflow/commit/c99d98cd189839dcf51aee94e7437b54b31f8abd
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:19Z/
url https://github.com/tensorflow/tensorflow/commit/c99d98cd189839dcf51aee94e7437b54b31f8abd
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vq36-27g6-p492
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:19Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vq36-27g6-p492
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23592
reference_id CVE-2022-23592
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23592
8
reference_url https://github.com/advisories/GHSA-vq36-27g6-p492
reference_id GHSA-vq36-27g6-p492
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vq36-27g6-p492
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.8.0
purl pkg:pypi/tensorflow-cpu@2.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15h4-876j-3bdz
1
vulnerability VCID-1hbp-9n5x-tyda
2
vulnerability VCID-1w3g-z5ja-q7cr
3
vulnerability VCID-21pb-qyv3-27cj
4
vulnerability VCID-2311-hknw-2ubh
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-32uz-pmsu-dycn
7
vulnerability VCID-3dun-j9ep-3ugk
8
vulnerability VCID-3fd6-8rv4-8qh3
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-4fcy-hbcs-cuan
11
vulnerability VCID-4mky-qp2e-vbhg
12
vulnerability VCID-4sj6-vagv-2qe4
13
vulnerability VCID-4tyf-xfhm-d3cm
14
vulnerability VCID-4xpd-4a11-k3b7
15
vulnerability VCID-62er-23uz-6qgu
16
vulnerability VCID-62y1-pd1b-vqhr
17
vulnerability VCID-7cu6-jt1f-q7hq
18
vulnerability VCID-7nkk-5pdm-uyck
19
vulnerability VCID-83t5-dg3c-5qa2
20
vulnerability VCID-842j-9ffd-rfcx
21
vulnerability VCID-8dwk-hykt-93a5
22
vulnerability VCID-8zqb-tqfq-7ud7
23
vulnerability VCID-9hzh-a72m-nya3
24
vulnerability VCID-ah8y-bmdk-5khm
25
vulnerability VCID-b4hf-5gqs-yfbw
26
vulnerability VCID-b9p4-ta3s-wbeu
27
vulnerability VCID-bjrr-3t28-rqgp
28
vulnerability VCID-bn6z-c98v-n7bf
29
vulnerability VCID-d1hw-1fdb-kfhq
30
vulnerability VCID-degg-b7w4-jyg7
31
vulnerability VCID-djxs-vpxa-5bav
32
vulnerability VCID-e7nb-5swt-r3c9
33
vulnerability VCID-ebu7-ts8t-43br
34
vulnerability VCID-etu4-tnze-h3ag
35
vulnerability VCID-exym-4mq2-rkbj
36
vulnerability VCID-f8ut-vanr-1qbz
37
vulnerability VCID-fr8d-65tt-a7bw
38
vulnerability VCID-g5zp-g143-a3hk
39
vulnerability VCID-g7ud-1f9c-u7bn
40
vulnerability VCID-gh9u-ufcn-6khx
41
vulnerability VCID-gnns-f4aa-wuas
42
vulnerability VCID-gqh9-w7d2-r7ap
43
vulnerability VCID-hdth-hp7r-ebfs
44
vulnerability VCID-hjd9-vujt-g7d2
45
vulnerability VCID-jg5r-hv3s-kuh3
46
vulnerability VCID-jmr2-tp5q-6qau
47
vulnerability VCID-k3rw-xwzv-1uer
48
vulnerability VCID-kdhk-ygud-9bft
49
vulnerability VCID-kjwx-6qbk-37ak
50
vulnerability VCID-m4j4-decm-tkb6
51
vulnerability VCID-mrjt-fjbf-gyeh
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-nekm-7jcz-a3au
54
vulnerability VCID-nwcb-zuc2-hudk
55
vulnerability VCID-nymb-futt-vqgf
56
vulnerability VCID-q2n9-eckv-jubc
57
vulnerability VCID-re7v-rdvx-9bav
58
vulnerability VCID-rgug-8jmj-e7hw
59
vulnerability VCID-rsm8-1q5j-7yac
60
vulnerability VCID-s3fs-8v2b-zqem
61
vulnerability VCID-sb8m-6jmx-bkh4
62
vulnerability VCID-sbpr-dnvt-x7eu
63
vulnerability VCID-ss5q-9rxf-pygf
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-uh53-ed93-cfhj
66
vulnerability VCID-unq7-3j4j-q3ew
67
vulnerability VCID-ux3x-2756-n3av
68
vulnerability VCID-v6cz-tyns-73br
69
vulnerability VCID-wfh9-ew6v-nyhy
70
vulnerability VCID-wm5z-8hpe-1ug6
71
vulnerability VCID-ww95-y388-3ben
72
vulnerability VCID-x1r9-72db-xqf6
73
vulnerability VCID-y5s1-jyr5-eqfa
74
vulnerability VCID-y9yr-d3rq-97dq
75
vulnerability VCID-yx57-74vr-rfes
76
vulnerability VCID-z5zj-88jh-cked
77
vulnerability VCID-z6dc-pprc-buar
78
vulnerability VCID-zc6k-2kds-afht
79
vulnerability VCID-ztrz-qnwj-2fhd
80
vulnerability VCID-zun3-rnh3-h3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.0
aliases BIT-tensorflow-2022-23592, CVE-2022-23592, GHSA-vq36-27g6-p492, PYSEC-2022-101, PYSEC-2022-156
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ffkg-sa3q-8qfq
1
url VCID-uyv6-cmed-a7c3
vulnerability_id VCID-uyv6-cmed-a7c3
summary Tensorflow is an Open Source Machine Learning Framework. The `simplifyBroadcast` function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (hence, denial of service), if called with scalar shapes. If all shapes are scalar, then `maxRank` is 0, so we build an empty `SmallVector`. The fix will be included in TensorFlow 2.8.0. This is the only affected version.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23593
reference_id
reference_type
scores
0
value 0.00309
scoring_system epss
scoring_elements 0.54327
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23593
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-102.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-102.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-157.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-157.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/mlir/tfrt/jit/transforms/tf_cpurt_symbolic_shape_optimization.cc#L149-L205
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/mlir/tfrt/jit/transforms/tf_cpurt_symbolic_shape_optimization.cc#L149-L205
5
reference_url https://github.com/tensorflow/tensorflow/commit/35f0fabb4c178253a964d7aabdbb15c6a398b69a
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/commit/35f0fabb4c178253a964d7aabdbb15c6a398b69a
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gwcx-jrx4-92w2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gwcx-jrx4-92w2
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23593
reference_id CVE-2022-23593
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23593
8
reference_url https://github.com/advisories/GHSA-gwcx-jrx4-92w2
reference_id GHSA-gwcx-jrx4-92w2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gwcx-jrx4-92w2
fixed_packages
0
url pkg:pypi/tensorflow-cpu@2.8.0
purl pkg:pypi/tensorflow-cpu@2.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15h4-876j-3bdz
1
vulnerability VCID-1hbp-9n5x-tyda
2
vulnerability VCID-1w3g-z5ja-q7cr
3
vulnerability VCID-21pb-qyv3-27cj
4
vulnerability VCID-2311-hknw-2ubh
5
vulnerability VCID-2tx7-szke-f7d8
6
vulnerability VCID-32uz-pmsu-dycn
7
vulnerability VCID-3dun-j9ep-3ugk
8
vulnerability VCID-3fd6-8rv4-8qh3
9
vulnerability VCID-41ax-nrcf-yygf
10
vulnerability VCID-4fcy-hbcs-cuan
11
vulnerability VCID-4mky-qp2e-vbhg
12
vulnerability VCID-4sj6-vagv-2qe4
13
vulnerability VCID-4tyf-xfhm-d3cm
14
vulnerability VCID-4xpd-4a11-k3b7
15
vulnerability VCID-62er-23uz-6qgu
16
vulnerability VCID-62y1-pd1b-vqhr
17
vulnerability VCID-7cu6-jt1f-q7hq
18
vulnerability VCID-7nkk-5pdm-uyck
19
vulnerability VCID-83t5-dg3c-5qa2
20
vulnerability VCID-842j-9ffd-rfcx
21
vulnerability VCID-8dwk-hykt-93a5
22
vulnerability VCID-8zqb-tqfq-7ud7
23
vulnerability VCID-9hzh-a72m-nya3
24
vulnerability VCID-ah8y-bmdk-5khm
25
vulnerability VCID-b4hf-5gqs-yfbw
26
vulnerability VCID-b9p4-ta3s-wbeu
27
vulnerability VCID-bjrr-3t28-rqgp
28
vulnerability VCID-bn6z-c98v-n7bf
29
vulnerability VCID-d1hw-1fdb-kfhq
30
vulnerability VCID-degg-b7w4-jyg7
31
vulnerability VCID-djxs-vpxa-5bav
32
vulnerability VCID-e7nb-5swt-r3c9
33
vulnerability VCID-ebu7-ts8t-43br
34
vulnerability VCID-etu4-tnze-h3ag
35
vulnerability VCID-exym-4mq2-rkbj
36
vulnerability VCID-f8ut-vanr-1qbz
37
vulnerability VCID-fr8d-65tt-a7bw
38
vulnerability VCID-g5zp-g143-a3hk
39
vulnerability VCID-g7ud-1f9c-u7bn
40
vulnerability VCID-gh9u-ufcn-6khx
41
vulnerability VCID-gnns-f4aa-wuas
42
vulnerability VCID-gqh9-w7d2-r7ap
43
vulnerability VCID-hdth-hp7r-ebfs
44
vulnerability VCID-hjd9-vujt-g7d2
45
vulnerability VCID-jg5r-hv3s-kuh3
46
vulnerability VCID-jmr2-tp5q-6qau
47
vulnerability VCID-k3rw-xwzv-1uer
48
vulnerability VCID-kdhk-ygud-9bft
49
vulnerability VCID-kjwx-6qbk-37ak
50
vulnerability VCID-m4j4-decm-tkb6
51
vulnerability VCID-mrjt-fjbf-gyeh
52
vulnerability VCID-mzvs-ne4v-4qh7
53
vulnerability VCID-nekm-7jcz-a3au
54
vulnerability VCID-nwcb-zuc2-hudk
55
vulnerability VCID-nymb-futt-vqgf
56
vulnerability VCID-q2n9-eckv-jubc
57
vulnerability VCID-re7v-rdvx-9bav
58
vulnerability VCID-rgug-8jmj-e7hw
59
vulnerability VCID-rsm8-1q5j-7yac
60
vulnerability VCID-s3fs-8v2b-zqem
61
vulnerability VCID-sb8m-6jmx-bkh4
62
vulnerability VCID-sbpr-dnvt-x7eu
63
vulnerability VCID-ss5q-9rxf-pygf
64
vulnerability VCID-tru4-6hk6-yydu
65
vulnerability VCID-uh53-ed93-cfhj
66
vulnerability VCID-unq7-3j4j-q3ew
67
vulnerability VCID-ux3x-2756-n3av
68
vulnerability VCID-v6cz-tyns-73br
69
vulnerability VCID-wfh9-ew6v-nyhy
70
vulnerability VCID-wm5z-8hpe-1ug6
71
vulnerability VCID-ww95-y388-3ben
72
vulnerability VCID-x1r9-72db-xqf6
73
vulnerability VCID-y5s1-jyr5-eqfa
74
vulnerability VCID-y9yr-d3rq-97dq
75
vulnerability VCID-yx57-74vr-rfes
76
vulnerability VCID-z5zj-88jh-cked
77
vulnerability VCID-z6dc-pprc-buar
78
vulnerability VCID-zc6k-2kds-afht
79
vulnerability VCID-ztrz-qnwj-2fhd
80
vulnerability VCID-zun3-rnh3-h3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.0
aliases BIT-tensorflow-2022-23593, CVE-2022-23593, GHSA-gwcx-jrx4-92w2, PYSEC-2022-102, PYSEC-2022-157
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uyv6-cmed-a7c3
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.3