Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/80028?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/80028?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.7.4", "type": "pypi", "namespace": "", "name": "tensorflow-cpu", "version": "2.7.4", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.12.1", "latest_non_vulnerable_version": "2.12.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205533?format=api", "vulnerability_id": "VCID-1vxc-sbk4-77ef", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40259", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41896" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/mirror_pad_op.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:05Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/mirror_pad_op.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/39ec7eaf1428e90c37787e5b3fbd68ebd3c48860", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:05Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/39ec7eaf1428e90c37787e5b3fbd68ebd3c48860" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41896", "reference_id": "CVE-2022-41896", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41896" }, { "reference_url": "https://github.com/advisories/GHSA-rmg2-f698-wq35", "reference_id": "GHSA-rmg2-f698-wq35", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rmg2-f698-wq35" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rmg2-f698-wq35", "reference_id": "GHSA-rmg2-f698-wq35", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:05Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rmg2-f698-wq35" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41896", "GHSA-rmg2-f698-wq35" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1vxc-sbk4-77ef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17162?format=api", "vulnerability_id": "VCID-2vyy-ktxf-y7hj", "summary": "Incorrect Comparison\nTensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25666", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17117", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25666" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/d0d4e779da0d0f56499c6fa5ba09f0a576cc6b14", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:40:27Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/d0d4e779da0d0f56499c6fa5ba09f0a576cc6b14" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25666", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25666" }, { "reference_url": "https://github.com/advisories/GHSA-f637-vh3r-vfh2", "reference_id": "GHSA-f637-vh3r-vfh2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f637-vh3r-vfh2" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2", "reference_id": "GHSA-f637-vh3r-vfh2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:40:27Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25666", "GHSA-f637-vh3r-vfh2" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2vyy-ktxf-y7hj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205537?format=api", "vulnerability_id": "VCID-3erq-zcrk-qqaf", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41900", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01243", "scoring_system": "epss", "scoring_elements": "0.79594", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41900" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/216525144ee7c910296f5b05d214ca1327c9ce48", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/216525144ee7c910296f5b05d214ca1327c9ce48" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41900", "reference_id": "CVE-2022-41900", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41900" }, { "reference_url": "https://github.com/advisories/GHSA-xvwp-h6jv-7472", "reference_id": "GHSA-xvwp-h6jv-7472", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xvwp-h6jv-7472" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xvwp-h6jv-7472", "reference_id": "GHSA-xvwp-h6jv-7472", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xvwp-h6jv-7472" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41900", "GHSA-xvwp-h6jv-7472" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3erq-zcrk-qqaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205535?format=api", "vulnerability_id": "VCID-3esk-gwz9-wfa4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40259", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41898" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sparse_fill_empty_rows_op_gpu.cu.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:56Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sparse_fill_empty_rows_op_gpu.cu.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/af4a6a3c8b95022c351edae94560acc61253a1b8", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:56Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/af4a6a3c8b95022c351edae94560acc61253a1b8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41898", "reference_id": "CVE-2022-41898", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41898" }, { "reference_url": "https://github.com/advisories/GHSA-hq7g-wwwp-q46h", "reference_id": "GHSA-hq7g-wwwp-q46h", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hq7g-wwwp-q46h" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hq7g-wwwp-q46h", "reference_id": "GHSA-hq7g-wwwp-q46h", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:56Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hq7g-wwwp-q46h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41898", "GHSA-hq7g-wwwp-q46h" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3esk-gwz9-wfa4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205532?format=api", "vulnerability_id": "VCID-3s87-vf5k-cycp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41895", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35228", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41895" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/mirror_pad_op.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/mirror_pad_op.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/717ca98d8c3bba348ff62281fdf38dcb5ea1ec92", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/717ca98d8c3bba348ff62281fdf38dcb5ea1ec92" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41895", "reference_id": "CVE-2022-41895", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41895" }, { "reference_url": "https://github.com/advisories/GHSA-gq2j-cr96-gvqx", "reference_id": "GHSA-gq2j-cr96-gvqx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gq2j-cr96-gvqx" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gq2j-cr96-gvqx", "reference_id": "GHSA-gq2j-cr96-gvqx", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gq2j-cr96-gvqx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41895", "GHSA-gq2j-cr96-gvqx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3s87-vf5k-cycp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17166?format=api", "vulnerability_id": "VCID-3yjn-h25c-v3gb", "summary": "Integer Overflow or Wraparound\nTensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when `2^31 <= num_frames * height * width * channels < 2^32`, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25667", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43588", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25667" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8dc723fcdd1a6127d6c970bd2ecb18b019a1a58d", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:39:37Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8dc723fcdd1a6127d6c970bd2ecb18b019a1a58d" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25667", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25667" }, { "reference_url": "https://github.com/advisories/GHSA-fqm2-gh8w-gr68", "reference_id": "GHSA-fqm2-gh8w-gr68", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fqm2-gh8w-gr68" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqm2-gh8w-gr68", "reference_id": "GHSA-fqm2-gh8w-gr68", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:39:37Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqm2-gh8w-gr68" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25667", "GHSA-fqm2-gh8w-gr68" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3yjn-h25c-v3gb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205528?format=api", "vulnerability_id": "VCID-3zd4-d2hc-87at", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34344", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41890" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/util/bcast.h", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:20Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/util/bcast.h" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8310bf8dd188ff780e7fc53245058215a05bdbe5", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:20Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8310bf8dd188ff780e7fc53245058215a05bdbe5" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41890", "reference_id": "CVE-2022-41890", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41890" }, { "reference_url": "https://github.com/advisories/GHSA-h246-cgh4-7475", "reference_id": "GHSA-h246-cgh4-7475", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h246-cgh4-7475" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h246-cgh4-7475", "reference_id": "GHSA-h246-cgh4-7475", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:20Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h246-cgh4-7475" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41890", "GHSA-h246-cgh4-7475" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3zd4-d2hc-87at" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205527?format=api", "vulnerability_id": "VCID-5f52-bwtt-m3hn", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41889", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31153", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41889" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/generate_box_proposals_op.cu.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:23Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/generate_box_proposals_op.cu.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/e9e95553e5411834d215e6770c81a83a3d0866ce", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:23Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/e9e95553e5411834d215e6770c81a83a3d0866ce" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41889", "reference_id": "CVE-2022-41889", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41889" }, { "reference_url": "https://github.com/advisories/GHSA-xxcj-rhqg-m46g", "reference_id": "GHSA-xxcj-rhqg-m46g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xxcj-rhqg-m46g" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xxcj-rhqg-m46g", "reference_id": "GHSA-xxcj-rhqg-m46g", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:23Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xxcj-rhqg-m46g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41889", "GHSA-xxcj-rhqg-m46g" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5f52-bwtt-m3hn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205524?format=api", "vulnerability_id": "VCID-5m3b-x2b2-nfer", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41886", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35228", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41886" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/image_ops.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:32Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/image_ops.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8faa6ea692985dbe6ce10e1a3168e0bd60a723ba", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:32Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8faa6ea692985dbe6ce10e1a3168e0bd60a723ba" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41886", "reference_id": "CVE-2022-41886", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41886" }, { "reference_url": "https://github.com/advisories/GHSA-54pp-c6pp-7fpx", "reference_id": "GHSA-54pp-c6pp-7fpx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-54pp-c6pp-7fpx" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-54pp-c6pp-7fpx", "reference_id": "GHSA-54pp-c6pp-7fpx", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:32Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-54pp-c6pp-7fpx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41886", "GHSA-54pp-c6pp-7fpx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5m3b-x2b2-nfer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205538?format=api", "vulnerability_id": "VCID-5qwh-rm2h-ekc7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41901", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57712", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41901" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sparse/sparse_matrix.h", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sparse/sparse_matrix.h" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/f856d02e5322821aad155dad9b3acab1e9f5d693", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/f856d02e5322821aad155dad9b3acab1e9f5d693" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41901", "reference_id": "CVE-2022-41901", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41901" }, { "reference_url": "https://github.com/advisories/GHSA-g9fm-r5mm-rf9f", "reference_id": "GHSA-g9fm-r5mm-rf9f", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g9fm-r5mm-rf9f" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9fm-r5mm-rf9f", "reference_id": "GHSA-g9fm-r5mm-rf9f", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9fm-r5mm-rf9f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41901", "GHSA-g9fm-r5mm-rf9f" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5qwh-rm2h-ekc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205530?format=api", "vulnerability_id": "VCID-6apy-b5ev-hkcj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41893", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41219", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41893" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/list_kernels.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:13Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/list_kernels.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/888e34b49009a4e734c27ab0c43b0b5102682c56", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:13Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/888e34b49009a4e734c27ab0c43b0b5102682c56" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41893", "reference_id": "CVE-2022-41893", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41893" }, { "reference_url": "https://github.com/advisories/GHSA-67pf-62xr-q35m", "reference_id": "GHSA-67pf-62xr-q35m", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-67pf-62xr-q35m" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-67pf-62xr-q35m", "reference_id": "GHSA-67pf-62xr-q35m", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:13Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-67pf-62xr-q35m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41893", "GHSA-67pf-62xr-q35m" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6apy-b5ev-hkcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17167?format=api", "vulnerability_id": "VCID-6cr3-ywr5-f7e6", "summary": "Heap-based Buffer Overflow\nTensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick this commit on TensorFlow version 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01465", "scoring_system": "epss", "scoring_elements": "0.81202", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25668" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/7b174a0f2e40ff3f3aa957aecddfd5aaae35eccb", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:32:32Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/7b174a0f2e40ff3f3aa957aecddfd5aaae35eccb" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25668", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25668" }, { "reference_url": "https://github.com/advisories/GHSA-gw97-ff7c-9v96", "reference_id": "GHSA-gw97-ff7c-9v96", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gw97-ff7c-9v96" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gw97-ff7c-9v96", "reference_id": "GHSA-gw97-ff7c-9v96", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:32:32Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gw97-ff7c-9v96" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25668", "GHSA-gw97-ff7c-9v96" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6cr3-ywr5-f7e6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/224122?format=api", "vulnerability_id": "VCID-6nyr-2edx-5qg6", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33976", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.11264", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33976" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/6fa05df43b00038b048f4f0e51ef522da6532fec", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:13:44Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/6fa05df43b00038b048f4f0e51ef522da6532fec" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/915884fdf5df34aaedd00fc6ace33a2cfdefa586", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:13:44Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/915884fdf5df34aaedd00fc6ace33a2cfdefa586" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33976", "reference_id": "CVE-2023-33976", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33976" }, { "reference_url": "https://github.com/advisories/GHSA-gjh7-xx4r-x345", "reference_id": "GHSA-gjh7-xx4r-x345", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gjh7-xx4r-x345" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gjh7-xx4r-x345", "reference_id": "GHSA-gjh7-xx4r-x345", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:13:44Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gjh7-xx4r-x345" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/82312?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.12.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.12.1" } ], "aliases": [ "CVE-2023-33976", "GHSA-gjh7-xx4r-x345" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6nyr-2edx-5qg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205525?format=api", "vulnerability_id": "VCID-77cw-2wuq-nued", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41887", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34019", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41887" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/cwise_ops_common.h", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:29Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/cwise_ops_common.h" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/keras/losses.py", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:29Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/keras/losses.py" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/c5b30379ba87cbe774b08ac50c1f6d36df4ebb7c", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:29Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/c5b30379ba87cbe774b08ac50c1f6d36df4ebb7c" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41887", "reference_id": "CVE-2022-41887", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41887" }, { "reference_url": "https://github.com/advisories/GHSA-8fvv-46hw-vpg3", "reference_id": "GHSA-8fvv-46hw-vpg3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8fvv-46hw-vpg3" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fvv-46hw-vpg3", "reference_id": "GHSA-8fvv-46hw-vpg3", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:29Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fvv-46hw-vpg3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41887", "GHSA-8fvv-46hw-vpg3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-77cw-2wuq-nued" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205536?format=api", "vulnerability_id": "VCID-7guk-jpt3-eka8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41899", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40259", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41899" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sdca_internal.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:53Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sdca_internal.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/80ff197d03db2a70c6a111f97dcdacad1b0babfa", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:53Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/80ff197d03db2a70c6a111f97dcdacad1b0babfa" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41899", "reference_id": "CVE-2022-41899", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41899" }, { "reference_url": "https://github.com/advisories/GHSA-27rc-728f-x5w2", "reference_id": "GHSA-27rc-728f-x5w2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-27rc-728f-x5w2" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-27rc-728f-x5w2", "reference_id": "GHSA-27rc-728f-x5w2", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:53Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-27rc-728f-x5w2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41899", "GHSA-27rc-728f-x5w2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7guk-jpt3-eka8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17161?format=api", "vulnerability_id": "VCID-8dhx-4a17-rbcj", "summary": "NULL Pointer Dereference\nTensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25670", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47215", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25670" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8a47a39d9697969206d23a523c977238717e8727", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:41:15Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8a47a39d9697969206d23a523c977238717e8727" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25670", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25670" }, { "reference_url": "https://github.com/advisories/GHSA-49rq-hwc3-x77w", "reference_id": "GHSA-49rq-hwc3-x77w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-49rq-hwc3-x77w" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rq-hwc3-x77w", "reference_id": "GHSA-49rq-hwc3-x77w", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:41:15Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rq-hwc3-x77w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25670", "GHSA-49rq-hwc3-x77w" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8dhx-4a17-rbcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17155?format=api", "vulnerability_id": "VCID-9686-ufak-6ufd", "summary": "Incorrect Comparison\nTensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25673", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0028", "scoring_system": "epss", "scoring_elements": "0.5155", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25673" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/728113a3be690facad6ce436660a0bc1858017fa", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:15:44Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/728113a3be690facad6ce436660a0bc1858017fa" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25673", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25673" }, { "reference_url": "https://github.com/advisories/GHSA-647v-r7qq-24fh", "reference_id": "GHSA-647v-r7qq-24fh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-647v-r7qq-24fh" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-647v-r7qq-24fh", "reference_id": "GHSA-647v-r7qq-24fh", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:15:44Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-647v-r7qq-24fh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25673", "GHSA-647v-r7qq-24fh" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9686-ufak-6ufd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17171?format=api", "vulnerability_id": "VCID-ayew-3cca-tyhz", "summary": "NULL Pointer Dereference\nTensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.ParallelConcat` segfaults with a nullptr dereference when given a parameter `shape` with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25676", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47215", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25676" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/da66bc6d5ff466aee084f9e7397980a24890cd15", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:43:05Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/da66bc6d5ff466aee084f9e7397980a24890cd15" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25676", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25676" }, { "reference_url": "https://github.com/advisories/GHSA-6wfh-89q8-44jq", "reference_id": "GHSA-6wfh-89q8-44jq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6wfh-89q8-44jq" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6wfh-89q8-44jq", "reference_id": "GHSA-6wfh-89q8-44jq", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:43:05Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6wfh-89q8-44jq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25676", "GHSA-6wfh-89q8-44jq" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ayew-3cca-tyhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205544?format=api", "vulnerability_id": "VCID-bby1-jzms-6fgm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41908", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54712", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41908" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/lib/core/py_func.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:38Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/lib/core/py_func.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/9f03a9d3bafe902c1e6beb105b2f24172f238645", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:38Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/9f03a9d3bafe902c1e6beb105b2f24172f238645" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41908", "reference_id": "CVE-2022-41908", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41908" }, { "reference_url": "https://github.com/advisories/GHSA-mv77-9g28-cwg3", "reference_id": "GHSA-mv77-9g28-cwg3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mv77-9g28-cwg3" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv77-9g28-cwg3", "reference_id": "GHSA-mv77-9g28-cwg3", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:38Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv77-9g28-cwg3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41908", "GHSA-mv77-9g28-cwg3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bby1-jzms-6fgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17156?format=api", "vulnerability_id": "VCID-d6hn-ppha-buc1", "summary": "Incorrect Comparison\nTensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for `tf.raw_ops.AvgPoolGrad`, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42803", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25669" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/1295ae4dbb52fe06b19733b0257e2340d7b63b8d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:33:22Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/1295ae4dbb52fe06b19733b0257e2340d7b63b8d" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25669" }, { "reference_url": "https://github.com/advisories/GHSA-rcf8-g8jv-vg6p", "reference_id": "GHSA-rcf8-g8jv-vg6p", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rcf8-g8jv-vg6p" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p", "reference_id": "GHSA-rcf8-g8jv-vg6p", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:33:22Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25669", "GHSA-rcf8-g8jv-vg6p" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d6hn-ppha-buc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17153?format=api", "vulnerability_id": "VCID-dbu5-btf9-2bee", "summary": "NULL Pointer Dereference\nTensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when the parameter `summarize` of `tf.raw_ops.Print` is zero, the new method `SummarizeArray<bool>` will reference to a nullptr, leading to a seg fault. A fix is included in TensorFlow version 2.12 and version 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25660", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47215", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25660" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/6d423b8bcc9aa9f5554dc988c1c16d038b508df1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:30:06Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/6d423b8bcc9aa9f5554dc988c1c16d038b508df1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25660", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25660" }, { "reference_url": "https://github.com/advisories/GHSA-qjqc-vqcf-5qvj", "reference_id": "GHSA-qjqc-vqcf-5qvj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qjqc-vqcf-5qvj" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj", "reference_id": "GHSA-qjqc-vqcf-5qvj", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:30:06Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25660", "GHSA-qjqc-vqcf-5qvj" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dbu5-btf9-2bee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17154?format=api", "vulnerability_id": "VCID-dgbb-1rft-7kdr", "summary": "Integer Overflow or Wraparound\nTensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 is vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35483", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25662" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/08b8e18643d6dcde00890733b270ff8d9960c56c", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:37:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/08b8e18643d6dcde00890733b270ff8d9960c56c" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25662", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25662" }, { "reference_url": "https://github.com/advisories/GHSA-7jvm-xxmr-v5cw", "reference_id": "GHSA-7jvm-xxmr-v5cw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7jvm-xxmr-v5cw" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7jvm-xxmr-v5cw", "reference_id": "GHSA-7jvm-xxmr-v5cw", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:37:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7jvm-xxmr-v5cw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25662", "GHSA-7jvm-xxmr-v5cw" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgbb-1rft-7kdr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17173?format=api", "vulnerability_id": "VCID-djkj-bbaq-6kdr", "summary": "NULL Pointer Dereference\nTensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25674", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60368", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25674" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/728113a3be690facad6ce436660a0bc1858017fa", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:16:05Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/728113a3be690facad6ce436660a0bc1858017fa" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25674", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25674" }, { "reference_url": "https://github.com/advisories/GHSA-gf97-q72m-7579", "reference_id": "GHSA-gf97-q72m-7579", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gf97-q72m-7579" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf97-q72m-7579", "reference_id": "GHSA-gf97-q72m-7579", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:16:05Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf97-q72m-7579" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25674", "GHSA-gf97-q72m-7579" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-djkj-bbaq-6kdr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205529?format=api", "vulnerability_id": "VCID-dk2p-s22p-hbd8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41891", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40259", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41891" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/list_kernels.h", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:16Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/list_kernels.h" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/fc33f3dc4c14051a83eec6535b608abe1d355fde", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:16Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/fc33f3dc4c14051a83eec6535b608abe1d355fde" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41891", "reference_id": "CVE-2022-41891", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41891" }, { "reference_url": "https://github.com/advisories/GHSA-66vq-54fq-6jvv", "reference_id": "GHSA-66vq-54fq-6jvv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-66vq-54fq-6jvv" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-66vq-54fq-6jvv", "reference_id": "GHSA-66vq-54fq-6jvv", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:16Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-66vq-54fq-6jvv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41891", "GHSA-66vq-54fq-6jvv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dk2p-s22p-hbd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17159?format=api", "vulnerability_id": "VCID-dx1v-hfa1-xfg6", "summary": "NULL Pointer Dereference\nTensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `SparseSparseMaximum` is given invalid sparse tensors as inputs, it can give a null pointer error. A fix is included in TensorFlow version 2.12 and version 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25665", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31359", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25665" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/5e0ecfb42f5f65629fd7a4edd6c4afe7ff0feb04", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:30:58Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/5e0ecfb42f5f65629fd7a4edd6c4afe7ff0feb04" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25665", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25665" }, { "reference_url": "https://github.com/advisories/GHSA-558h-mq8x-7q9g", "reference_id": "GHSA-558h-mq8x-7q9g", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-558h-mq8x-7q9g" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g", "reference_id": "GHSA-558h-mq8x-7q9g", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:30:58Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25665", "GHSA-558h-mq8x-7q9g" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dx1v-hfa1-xfg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17174?format=api", "vulnerability_id": "VCID-f58d-1zga-jkf2", "summary": "NULL Pointer Dereference\nTensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `ctx->step_containter()` is a null ptr, the Lookup function will be executed with a null pointer. A fix is included in TensorFlow 2.12.0 and 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25663", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42957", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25663" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/239139d2ae6a81ae9ba499ad78b56d9b2931538a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:38:12Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/239139d2ae6a81ae9ba499ad78b56d9b2931538a" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25663", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25663" }, { "reference_url": "https://github.com/advisories/GHSA-64jg-wjww-7c5w", "reference_id": "GHSA-64jg-wjww-7c5w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-64jg-wjww-7c5w" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w", "reference_id": "GHSA-64jg-wjww-7c5w", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:38:12Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25663", "GHSA-64jg-wjww-7c5w" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f58d-1zga-jkf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8290?format=api", "vulnerability_id": "VCID-ffkg-sa3q-8qfq", "summary": "Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a `DCHECK` (which is a no-op during production). An attacker can control the `input_idx` variable such that `ix` would be larger than the number of values in `node_t.args`. The fix will be included in TensorFlow 2.8.0. This is the only affected version.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23592", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54937", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23592" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-101.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-101.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-156.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-156.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L223-L229", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:19Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L223-L229" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/c99d98cd189839dcf51aee94e7437b54b31f8abd", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:19Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/c99d98cd189839dcf51aee94e7437b54b31f8abd" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vq36-27g6-p492", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:19Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vq36-27g6-p492" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23592", "reference_id": "CVE-2022-23592", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23592" }, { "reference_url": "https://github.com/advisories/GHSA-vq36-27g6-p492", "reference_id": "GHSA-vq36-27g6-p492", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vq36-27g6-p492" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25375?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15h4-876j-3bdz" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-1vxc-sbk4-77ef" }, { "vulnerability": "VCID-1w3g-z5ja-q7cr" }, { "vulnerability": "VCID-21pb-qyv3-27cj" }, { "vulnerability": "VCID-2311-hknw-2ubh" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-32uz-pmsu-dycn" }, { "vulnerability": "VCID-3dun-j9ep-3ugk" }, { "vulnerability": "VCID-3erq-zcrk-qqaf" }, { "vulnerability": "VCID-3esk-gwz9-wfa4" }, { "vulnerability": "VCID-3fd6-8rv4-8qh3" }, { "vulnerability": "VCID-3s87-vf5k-cycp" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-3zd4-d2hc-87at" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-4mky-qp2e-vbhg" }, { "vulnerability": "VCID-4sj6-vagv-2qe4" }, { "vulnerability": "VCID-4tyf-xfhm-d3cm" }, { "vulnerability": "VCID-4xpd-4a11-k3b7" }, { "vulnerability": "VCID-5f52-bwtt-m3hn" }, { "vulnerability": "VCID-5m3b-x2b2-nfer" }, { "vulnerability": "VCID-5qwh-rm2h-ekc7" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-62y1-pd1b-vqhr" }, { "vulnerability": "VCID-6apy-b5ev-hkcj" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-7cu6-jt1f-q7hq" }, { "vulnerability": "VCID-7guk-jpt3-eka8" }, { "vulnerability": "VCID-7nkk-5pdm-uyck" }, { "vulnerability": "VCID-83t5-dg3c-5qa2" }, { "vulnerability": "VCID-842j-9ffd-rfcx" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-8dwk-hykt-93a5" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-9hzh-a72m-nya3" }, { "vulnerability": "VCID-ah8y-bmdk-5khm" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-b9p4-ta3s-wbeu" }, { "vulnerability": "VCID-bby1-jzms-6fgm" }, { "vulnerability": "VCID-bjrr-3t28-rqgp" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-degg-b7w4-jyg7" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-djxs-vpxa-5bav" }, { "vulnerability": "VCID-dk2p-s22p-hbd8" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-e7nb-5swt-r3c9" }, { "vulnerability": "VCID-ebu7-ts8t-43br" }, { "vulnerability": "VCID-etu4-tnze-h3ag" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-f8ut-vanr-1qbz" }, { "vulnerability": "VCID-fr8d-65tt-a7bw" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-gnns-f4aa-wuas" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-gqh9-w7d2-r7ap" }, { "vulnerability": "VCID-hdth-hp7r-ebfs" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-hjd9-vujt-g7d2" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-jmr2-tp5q-6qau" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-kdhk-ygud-9bft" }, { "vulnerability": "VCID-kjwx-6qbk-37ak" }, { "vulnerability": "VCID-m4j4-decm-tkb6" }, { "vulnerability": "VCID-mrjt-fjbf-gyeh" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-nekm-7jcz-a3au" }, { "vulnerability": "VCID-nwcb-zuc2-hudk" }, { "vulnerability": "VCID-nymb-futt-vqgf" }, { "vulnerability": "VCID-q2n9-eckv-jubc" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-re7v-rdvx-9bav" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsm8-1q5j-7yac" }, { "vulnerability": "VCID-rzxq-vcmu-m7h5" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sb8m-6jmx-bkh4" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-ss5q-9rxf-pygf" }, { "vulnerability": "VCID-svbx-mnnb-eqbg" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uh53-ed93-cfhj" }, { "vulnerability": "VCID-unq7-3j4j-q3ew" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-ux3x-2756-n3av" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" }, { "vulnerability": "VCID-v6cz-tyns-73br" }, { "vulnerability": "VCID-vbq8-42vx-b3hz" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-wm5z-8hpe-1ug6" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x1r9-72db-xqf6" }, { "vulnerability": "VCID-xp3m-ntp9-6bf4" }, { "vulnerability": "VCID-y5s1-jyr5-eqfa" }, { "vulnerability": "VCID-y9yr-d3rq-97dq" }, { "vulnerability": "VCID-yvdh-xkxd-uyb2" }, { "vulnerability": "VCID-yx57-74vr-rfes" }, { "vulnerability": "VCID-z5zj-88jh-cked" }, { "vulnerability": "VCID-z6dc-pprc-buar" }, { "vulnerability": "VCID-zc6k-2kds-afht" }, { "vulnerability": "VCID-zd9x-yen4-pkdf" }, { "vulnerability": "VCID-ztrz-qnwj-2fhd" }, { "vulnerability": "VCID-zts1-n99c-cuh1" }, { "vulnerability": "VCID-zun3-rnh3-h3e7" }, { "vulnerability": "VCID-zw94-ns7h-6qg3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.0" } ], "aliases": [ "BIT-tensorflow-2022-23592", "CVE-2022-23592", "GHSA-vq36-27g6-p492", "PYSEC-2022-101", "PYSEC-2022-156" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ffkg-sa3q-8qfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17178?format=api", "vulnerability_id": "VCID-gecu-uvpb-6yak", "summary": "TensorFlow Denial of Service vulnerability\n### Impact\nA malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack.\nTo minimize the bug, we built a simple single-layer TensorFlow model containing a Convolution3DTranspose layer, which works well with expected inputs and can be deployed in real-world systems. However, if we call the model with a malicious input which has a zero dimension, it gives Check Failed failure and crashes.\n```python\nimport tensorflow as tf\n\nclass MyModel(tf.keras.Model):\n def __init__(self):\n super().__init__()\n self.conv = tf.keras.layers.Convolution3DTranspose(2, [3,3,3], padding=\"same\")\n \n def call(self, input):\n return self.conv(input)\nmodel = MyModel() # Defines a valid model.\n\nx = tf.random.uniform([1, 32, 32, 32, 3], minval=0, maxval=0, dtype=tf.float32) # This is a valid input.\noutput = model.predict(x)\nprint(output.shape) # (1, 32, 32, 32, 2)\n\nx = tf.random.uniform([1, 32, 32, 0, 3], dtype=tf.float32) # This is an invalid input.\noutput = model(x) # crash\n```\nThis Convolution3DTranspose layer is a very common API in modern neural networks. The ML models containing such vulnerable components could be deployed in ML applications or as cloud services. This failure could be potentially used to trigger a denial of service attack on ML cloud services.\n\n### Patches\nWe have patched the issue in\n- GitHub commit [948fe6369a5711d4b4568ea9bbf6015c6dfb77e2](https://github.com/tensorflow/tensorflow/commit/948fe6369a5711d4b4568ea9bbf6015c6dfb77e2)\n - GitHub commit [85db5d07db54b853484bfd358c3894d948c36baf](https://github.com/keras-team/keras/commit/85db5d07db54b853484bfd358c3894d948c36baf). \n\nThe fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1\n\n\n ### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25661", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37035", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25661" }, { "reference_url": "https://github.com/keras-team/keras/commit/85db5d07db54b853484bfd358c3894d948c36baf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/keras-team/keras/commit/85db5d07db54b853484bfd358c3894d948c36baf" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/948fe6369a5711d4b4568ea9bbf6015c6dfb77e2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T15:25:34Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/948fe6369a5711d4b4568ea9bbf6015c6dfb77e2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25661", "reference_id": "CVE-2023-25661", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25661" }, { "reference_url": "https://github.com/advisories/GHSA-fxgc-95xx-grvq", "reference_id": "GHSA-fxgc-95xx-grvq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fxgc-95xx-grvq" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fxgc-95xx-grvq", "reference_id": "GHSA-fxgc-95xx-grvq", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T15:25:34Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fxgc-95xx-grvq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25661", "GHSA-fxgc-95xx-grvq" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gecu-uvpb-6yak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17160?format=api", "vulnerability_id": "VCID-gpta-cf34-vkfe", "summary": "Out-of-bounds Read\nTensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter `indices` for `DynamicStitch` does not match the shape of the parameter `data`, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25659", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42488", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25659" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/ee004b18b976eeb5a758020af8880236cd707d05", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:34:25Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/ee004b18b976eeb5a758020af8880236cd707d05" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25659", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25659" }, { "reference_url": "https://github.com/advisories/GHSA-93vr-9q9m-pj8p", "reference_id": "GHSA-93vr-9q9m-pj8p", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-93vr-9q9m-pj8p" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p", "reference_id": "GHSA-93vr-9q9m-pj8p", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:34:25Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25659", "GHSA-93vr-9q9m-pj8p" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gpta-cf34-vkfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17169?format=api", "vulnerability_id": "VCID-hdyy-j28t-wyc1", "summary": "Heap-based Buffer Overflow\nTensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25594", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25664" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/ddaac2bdd099bec5d7923dea45276a7558217e5b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:38:56Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/ddaac2bdd099bec5d7923dea45276a7558217e5b" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25664", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25664" }, { "reference_url": "https://github.com/advisories/GHSA-6hg6-5c2q-7rcr", "reference_id": "GHSA-6hg6-5c2q-7rcr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6hg6-5c2q-7rcr" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hg6-5c2q-7rcr", "reference_id": "GHSA-6hg6-5c2q-7rcr", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:38:56Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hg6-5c2q-7rcr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25664", "GHSA-6hg6-5c2q-7rcr" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hdyy-j28t-wyc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17157?format=api", "vulnerability_id": "VCID-r6tc-xmds-nyhv", "summary": "Out-of-bounds Write\nTensorFlow is an open source platform for machine learning. There is out-of-bounds access due to mismatched integer type sizes. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25671", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.55131", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25671" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/2eedc8f676d2c3b8be9492e547b2bc814c10b367", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:42:11Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/2eedc8f676d2c3b8be9492e547b2bc814c10b367" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/760322a71ac9033e122ef1f4b1c62813021e5938", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:42:11Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/760322a71ac9033e122ef1f4b1c62813021e5938" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25671", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25671" }, { "reference_url": "https://github.com/advisories/GHSA-j5w9-hmfh-4cr6", "reference_id": "GHSA-j5w9-hmfh-4cr6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j5w9-hmfh-4cr6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j5w9-hmfh-4cr6", "reference_id": "GHSA-j5w9-hmfh-4cr6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:42:11Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j5w9-hmfh-4cr6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25671", "GHSA-j5w9-hmfh-4cr6" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r6tc-xmds-nyhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205534?format=api", "vulnerability_id": "VCID-rzxq-vcmu-m7h5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35228", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41897" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/fractional_max_pool_op.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:01Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/fractional_max_pool_op.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/d71090c3e5ca325bdf4b02eb236cfb3ee823e927", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:01Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/d71090c3e5ca325bdf4b02eb236cfb3ee823e927" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41897", "reference_id": "CVE-2022-41897", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41897" }, { "reference_url": "https://github.com/advisories/GHSA-f2w8-jw48-fr7j", "reference_id": "GHSA-f2w8-jw48-fr7j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f2w8-jw48-fr7j" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2w8-jw48-fr7j", "reference_id": "GHSA-f2w8-jw48-fr7j", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:01Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2w8-jw48-fr7j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41897", "GHSA-f2w8-jw48-fr7j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rzxq-vcmu-m7h5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17164?format=api", "vulnerability_id": "VCID-s8hv-3hsb-mfca", "summary": "Incorrect Comparison\nTensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater `filter_input_channel` of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27579", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42803", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27579" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/34f8368c535253f5c9cb3a303297743b62442aaa", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:44:58Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/34f8368c535253f5c9cb3a303297743b62442aaa" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27579", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27579" }, { "reference_url": "https://github.com/advisories/GHSA-5w96-866f-6rm8", "reference_id": "GHSA-5w96-866f-6rm8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5w96-866f-6rm8" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5w96-866f-6rm8", "reference_id": "GHSA-5w96-866f-6rm8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:44:58Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5w96-866f-6rm8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-27579", "GHSA-5w96-866f-6rm8" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s8hv-3hsb-mfca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205518?format=api", "vulnerability_id": "VCID-svbx-mnnb-eqbg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41880", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0016", "scoring_system": "epss", "scoring_elements": "0.366", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41880" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/candidate_sampler_ops.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:45Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/candidate_sampler_ops.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/b389f5c944cadfdfe599b3f1e4026e036f30d2d4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:45Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/b389f5c944cadfdfe599b3f1e4026e036f30d2d4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41880", "reference_id": "CVE-2022-41880", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41880" }, { "reference_url": "https://github.com/advisories/GHSA-8w5g-3wcv-9g2j", "reference_id": "GHSA-8w5g-3wcv-9g2j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8w5g-3wcv-9g2j" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8w5g-3wcv-9g2j", "reference_id": "GHSA-8w5g-3wcv-9g2j", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:45Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8w5g-3wcv-9g2j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41880", "GHSA-8w5g-3wcv-9g2j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-svbx-mnnb-eqbg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17172?format=api", "vulnerability_id": "VCID-sxk5-athp-f7f1", "summary": "NULL Pointer Dereference\nTensorFlow is an open source platform for machine learning. The function `tf.raw_ops.LookupTableImportV2` cannot handle scalars in the `values` parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25672", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28245", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25672" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/980b22536abcbbe1b4a5642fc940af33d8c19b69", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:14:12Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/980b22536abcbbe1b4a5642fc940af33d8c19b69" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25672", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25672" }, { "reference_url": "https://github.com/advisories/GHSA-94mm-g2mv-8p7r", "reference_id": "GHSA-94mm-g2mv-8p7r", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-94mm-g2mv-8p7r" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-94mm-g2mv-8p7r", "reference_id": "GHSA-94mm-g2mv-8p7r", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:14:12Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-94mm-g2mv-8p7r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25672", "GHSA-94mm-g2mv-8p7r" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sxk5-athp-f7f1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17165?format=api", "vulnerability_id": "VCID-u133-f98p-zqec", "summary": "Incorrect Comparison\nTensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.Bincount` segfaults when given a parameter `weights` that is neither the same shape as parameter `arr` nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25675", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42803", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25675" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/8ae76cf085f4be26295d2ecf2081e759e04b8acf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:23:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/8ae76cf085f4be26295d2ecf2081e759e04b8acf" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25675", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25675" }, { "reference_url": "https://github.com/advisories/GHSA-7x4v-9gxg-9hwj", "reference_id": "GHSA-7x4v-9gxg-9hwj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7x4v-9gxg-9hwj" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7x4v-9gxg-9hwj", "reference_id": "GHSA-7x4v-9gxg-9hwj", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:23:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7x4v-9gxg-9hwj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25675", "GHSA-7x4v-9gxg-9hwj" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u133-f98p-zqec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17158?format=api", "vulnerability_id": "VCID-uwq2-a5hb-9fhd", "summary": "Out-of-bounds Read\nTensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, an out-of-bounds read is in GRUBlockCellGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25658", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16979", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25658" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/ff459137c2716a2a60f7d441b855fcb466d778cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:13:25Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/ff459137c2716a2a60f7d441b855fcb466d778cb" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25658", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25658" }, { "reference_url": "https://github.com/advisories/GHSA-68v3-g9cm-rmm6", "reference_id": "GHSA-68v3-g9cm-rmm6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-68v3-g9cm-rmm6" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-68v3-g9cm-rmm6", "reference_id": "GHSA-68v3-g9cm-rmm6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:13:25Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-68v3-g9cm-rmm6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25658", "GHSA-68v3-g9cm-rmm6" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uwq2-a5hb-9fhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17175?format=api", "vulnerability_id": "VCID-uxg4-9qfy-tbg6", "summary": "Double Free\nTensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, `nn_ops.fractional_avg_pool_v2` and `nn_ops.fractional_max_pool_v2` require the first and fourth elements of their parameter `pooling_ratio` to be equal to 1.0, as pooling on batch and channel dimensions is not supported. A fix is included in TensorFlow 2.12.0 and 2.11.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25801", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25146", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25801" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/ee50d1e00f81f62a4517453f721c634bbb478307", "reference_id": "", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H" }, { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:44:21Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/ee50d1e00f81f62a4517453f721c634bbb478307" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25801", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25801" }, { "reference_url": "https://github.com/advisories/GHSA-f49c-87jh-g47q", "reference_id": "GHSA-f49c-87jh-g47q", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f49c-87jh-g47q" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f49c-87jh-g47q", "reference_id": "GHSA-f49c-87jh-g47q", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H" }, { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:44:21Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f49c-87jh-g47q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63221?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6nyr-2edx-5qg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.11.1" } ], "aliases": [ "CVE-2023-25801", "GHSA-f49c-87jh-g47q" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uxg4-9qfy-tbg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8300?format=api", "vulnerability_id": "VCID-uyv6-cmed-a7c3", "summary": "Tensorflow is an Open Source Machine Learning Framework. The `simplifyBroadcast` function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (hence, denial of service), if called with scalar shapes. If all shapes are scalar, then `maxRank` is 0, so we build an empty `SmallVector`. The fix will be included in TensorFlow 2.8.0. This is the only affected version.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23593", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54327", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23593" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-102.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-102.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-157.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-157.yaml" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/mlir/tfrt/jit/transforms/tf_cpurt_symbolic_shape_optimization.cc#L149-L205", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/mlir/tfrt/jit/transforms/tf_cpurt_symbolic_shape_optimization.cc#L149-L205" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/35f0fabb4c178253a964d7aabdbb15c6a398b69a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/35f0fabb4c178253a964d7aabdbb15c6a398b69a" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gwcx-jrx4-92w2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gwcx-jrx4-92w2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23593", "reference_id": "CVE-2022-23593", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23593" }, { "reference_url": "https://github.com/advisories/GHSA-gwcx-jrx4-92w2", "reference_id": "GHSA-gwcx-jrx4-92w2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gwcx-jrx4-92w2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25375?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15h4-876j-3bdz" }, { "vulnerability": "VCID-1hbp-9n5x-tyda" }, { "vulnerability": "VCID-1vxc-sbk4-77ef" }, { "vulnerability": "VCID-1w3g-z5ja-q7cr" }, { "vulnerability": "VCID-21pb-qyv3-27cj" }, { "vulnerability": "VCID-2311-hknw-2ubh" }, { "vulnerability": "VCID-2tx7-szke-f7d8" }, { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-32uz-pmsu-dycn" }, { "vulnerability": "VCID-3dun-j9ep-3ugk" }, { "vulnerability": "VCID-3erq-zcrk-qqaf" }, { "vulnerability": "VCID-3esk-gwz9-wfa4" }, { "vulnerability": "VCID-3fd6-8rv4-8qh3" }, { "vulnerability": "VCID-3s87-vf5k-cycp" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-3zd4-d2hc-87at" }, { "vulnerability": "VCID-41ax-nrcf-yygf" }, { "vulnerability": "VCID-4fcy-hbcs-cuan" }, { "vulnerability": "VCID-4mky-qp2e-vbhg" }, { "vulnerability": "VCID-4sj6-vagv-2qe4" }, { "vulnerability": "VCID-4tyf-xfhm-d3cm" }, { "vulnerability": "VCID-4xpd-4a11-k3b7" }, { "vulnerability": "VCID-5f52-bwtt-m3hn" }, { "vulnerability": "VCID-5m3b-x2b2-nfer" }, { "vulnerability": "VCID-5qwh-rm2h-ekc7" }, { "vulnerability": "VCID-62er-23uz-6qgu" }, { "vulnerability": "VCID-62y1-pd1b-vqhr" }, { "vulnerability": "VCID-6apy-b5ev-hkcj" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-7cu6-jt1f-q7hq" }, { "vulnerability": "VCID-7guk-jpt3-eka8" }, { "vulnerability": "VCID-7nkk-5pdm-uyck" }, { "vulnerability": "VCID-83t5-dg3c-5qa2" }, { "vulnerability": "VCID-842j-9ffd-rfcx" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-8dwk-hykt-93a5" }, { "vulnerability": "VCID-8zqb-tqfq-7ud7" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-9hzh-a72m-nya3" }, { "vulnerability": "VCID-ah8y-bmdk-5khm" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-b4hf-5gqs-yfbw" }, { "vulnerability": "VCID-b9p4-ta3s-wbeu" }, { "vulnerability": "VCID-bby1-jzms-6fgm" }, { "vulnerability": "VCID-bjrr-3t28-rqgp" }, { "vulnerability": "VCID-bn6z-c98v-n7bf" }, { "vulnerability": "VCID-d1hw-1fdb-kfhq" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-degg-b7w4-jyg7" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-djxs-vpxa-5bav" }, { "vulnerability": "VCID-dk2p-s22p-hbd8" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-e7nb-5swt-r3c9" }, { "vulnerability": "VCID-ebu7-ts8t-43br" }, { "vulnerability": "VCID-etu4-tnze-h3ag" }, { "vulnerability": "VCID-exym-4mq2-rkbj" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-f8ut-vanr-1qbz" }, { "vulnerability": "VCID-fr8d-65tt-a7bw" }, { "vulnerability": "VCID-g5zp-g143-a3hk" }, { "vulnerability": "VCID-g7ud-1f9c-u7bn" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gh9u-ufcn-6khx" }, { "vulnerability": "VCID-gnns-f4aa-wuas" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-gqh9-w7d2-r7ap" }, { "vulnerability": "VCID-hdth-hp7r-ebfs" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-hjd9-vujt-g7d2" }, { "vulnerability": "VCID-jg5r-hv3s-kuh3" }, { "vulnerability": "VCID-jmr2-tp5q-6qau" }, { "vulnerability": "VCID-k3rw-xwzv-1uer" }, { "vulnerability": "VCID-kdhk-ygud-9bft" }, { "vulnerability": "VCID-kjwx-6qbk-37ak" }, { "vulnerability": "VCID-m4j4-decm-tkb6" }, { "vulnerability": "VCID-mrjt-fjbf-gyeh" }, { "vulnerability": "VCID-mzvs-ne4v-4qh7" }, { "vulnerability": "VCID-nekm-7jcz-a3au" }, { "vulnerability": "VCID-nwcb-zuc2-hudk" }, { "vulnerability": "VCID-nymb-futt-vqgf" }, { "vulnerability": "VCID-q2n9-eckv-jubc" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-re7v-rdvx-9bav" }, { "vulnerability": "VCID-rgug-8jmj-e7hw" }, { "vulnerability": "VCID-rsm8-1q5j-7yac" }, { "vulnerability": "VCID-rzxq-vcmu-m7h5" }, { "vulnerability": "VCID-s3fs-8v2b-zqem" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sb8m-6jmx-bkh4" }, { "vulnerability": "VCID-sbpr-dnvt-x7eu" }, { "vulnerability": "VCID-ss5q-9rxf-pygf" }, { "vulnerability": "VCID-svbx-mnnb-eqbg" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-tru4-6hk6-yydu" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uh53-ed93-cfhj" }, { "vulnerability": "VCID-unq7-3j4j-q3ew" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-ux3x-2756-n3av" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" }, { "vulnerability": "VCID-v6cz-tyns-73br" }, { "vulnerability": "VCID-vbq8-42vx-b3hz" }, { "vulnerability": "VCID-wfh9-ew6v-nyhy" }, { "vulnerability": "VCID-wm5z-8hpe-1ug6" }, { "vulnerability": "VCID-ww95-y388-3ben" }, { "vulnerability": "VCID-x1r9-72db-xqf6" }, { "vulnerability": "VCID-xp3m-ntp9-6bf4" }, { "vulnerability": "VCID-y5s1-jyr5-eqfa" }, { "vulnerability": "VCID-y9yr-d3rq-97dq" }, { "vulnerability": "VCID-yvdh-xkxd-uyb2" }, { "vulnerability": "VCID-yx57-74vr-rfes" }, { "vulnerability": "VCID-z5zj-88jh-cked" }, { "vulnerability": "VCID-z6dc-pprc-buar" }, { "vulnerability": "VCID-zc6k-2kds-afht" }, { "vulnerability": "VCID-zd9x-yen4-pkdf" }, { "vulnerability": "VCID-ztrz-qnwj-2fhd" }, { "vulnerability": "VCID-zts1-n99c-cuh1" }, { "vulnerability": "VCID-zun3-rnh3-h3e7" }, { "vulnerability": "VCID-zw94-ns7h-6qg3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.0" } ], "aliases": [ "BIT-tensorflow-2022-23593", "CVE-2022-23593", "GHSA-gwcx-jrx4-92w2", "PYSEC-2022-102", "PYSEC-2022-157" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uyv6-cmed-a7c3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205543?format=api", "vulnerability_id": "VCID-vbq8-42vx-b3hz", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41907", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35076", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41907" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/resize_nearest_neighbor_op.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:43Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/resize_nearest_neighbor_op.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/00c821af032ba9e5f5fa3fe14690c8d28a657624", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:43Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/00c821af032ba9e5f5fa3fe14690c8d28a657624" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41907", "reference_id": "CVE-2022-41907", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41907" }, { "reference_url": "https://github.com/advisories/GHSA-368v-7v32-52fx", "reference_id": "GHSA-368v-7v32-52fx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-368v-7v32-52fx" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-368v-7v32-52fx", "reference_id": "GHSA-368v-7v32-52fx", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:43Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-368v-7v32-52fx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41907", "GHSA-368v-7v32-52fx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vbq8-42vx-b3hz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205545?format=api", "vulnerability_id": "VCID-xp3m-ntp9-6bf4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00484", "scoring_system": "epss", "scoring_elements": "0.65567", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41909" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/lib/core/py_func.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:35Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/lib/core/py_func.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/660ce5a89eb6766834bdc303d2ab3902aef99d3d", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:35Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/660ce5a89eb6766834bdc303d2ab3902aef99d3d" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/bf594d08d377dc6a3354d9fdb494b32d45f91971", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:35Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/bf594d08d377dc6a3354d9fdb494b32d45f91971" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41909", "reference_id": "CVE-2022-41909", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41909" }, { "reference_url": "https://github.com/advisories/GHSA-rjx6-v474-2ch9", "reference_id": "GHSA-rjx6-v474-2ch9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rjx6-v474-2ch9" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjx6-v474-2ch9", "reference_id": "GHSA-rjx6-v474-2ch9", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:35Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjx6-v474-2ch9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41909", "GHSA-rjx6-v474-2ch9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xp3m-ntp9-6bf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205526?format=api", "vulnerability_id": "VCID-yvdh-xkxd-uyb2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41888", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47451", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41888" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/generate_box_proposals_op.cu.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/generate_box_proposals_op.cu.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/cf35502463a88ca7185a99daa7031df60b3c1c98", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/cf35502463a88ca7185a99daa7031df60b3c1c98" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41888", "reference_id": "CVE-2022-41888", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41888" }, { "reference_url": "https://github.com/advisories/GHSA-6x99-gv2v-q76v", "reference_id": "GHSA-6x99-gv2v-q76v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6x99-gv2v-q76v" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6x99-gv2v-q76v", "reference_id": "GHSA-6x99-gv2v-q76v", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:26Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6x99-gv2v-q76v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41888", "GHSA-6x99-gv2v-q76v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yvdh-xkxd-uyb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205522?format=api", "vulnerability_id": "VCID-zd9x-yen4-pkdf", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41884", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32509", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41884" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/2b56169c16e375c521a3bc8ea658811cc0793784", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/commit/2b56169c16e375c521a3bc8ea658811cc0793784" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41884", "reference_id": "CVE-2022-41884", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41884" }, { "reference_url": "https://github.com/advisories/GHSA-jq6x-99hj-q636", "reference_id": "GHSA-jq6x-99hj-q636", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jq6x-99hj-q636" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636", "reference_id": "GHSA-jq6x-99hj-q636", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41884", "GHSA-jq6x-99hj-q636" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zd9x-yen4-pkdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205547?format=api", "vulnerability_id": "VCID-zts1-n99c-cuh1", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36447", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41911" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:15Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:15Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41911", "reference_id": "CVE-2022-41911", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41911" }, { "reference_url": "https://github.com/advisories/GHSA-pf36-r9c6-h97j", "reference_id": "GHSA-pf36-r9c6-h97j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pf36-r9c6-h97j" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j", "reference_id": "GHSA-pf36-r9c6-h97j", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:15Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80020?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/80021?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/80019?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.10.1" } ], "aliases": [ "CVE-2022-41911", "GHSA-pf36-r9c6-h97j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zts1-n99c-cuh1" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205523?format=api", "vulnerability_id": "VCID-ux3x-2756-n3av", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41885", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37743", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41885" }, { "reference_url": "https://github.com/tensorflow/tensorflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tensorflow/tensorflow" }, { "reference_url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/conv_ops_fused_image_transform.cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:36Z/" } ], "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/conv_ops_fused_image_transform.cc" }, { "reference_url": "https://github.com/tensorflow/tensorflow/commit/d66e1d568275e6a2947de97dca7a102a211e01ce", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:36Z/" } ], "url": "https://github.com/tensorflow/tensorflow/commit/d66e1d568275e6a2947de97dca7a102a211e01ce" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41885", "reference_id": "CVE-2022-41885", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41885" }, { "reference_url": "https://github.com/advisories/GHSA-762h-vpvw-3rcx", "reference_id": "GHSA-762h-vpvw-3rcx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-762h-vpvw-3rcx" }, { "reference_url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-762h-vpvw-3rcx", "reference_id": "GHSA-762h-vpvw-3rcx", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:36Z/" } ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-762h-vpvw-3rcx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/80028?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.7.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vxc-sbk4-77ef" }, { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3erq-zcrk-qqaf" }, { "vulnerability": "VCID-3esk-gwz9-wfa4" }, { "vulnerability": "VCID-3s87-vf5k-cycp" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-3zd4-d2hc-87at" }, { "vulnerability": "VCID-5f52-bwtt-m3hn" }, { "vulnerability": "VCID-5m3b-x2b2-nfer" }, { "vulnerability": "VCID-5qwh-rm2h-ekc7" }, { "vulnerability": "VCID-6apy-b5ev-hkcj" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-7guk-jpt3-eka8" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-bby1-jzms-6fgm" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dk2p-s22p-hbd8" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-ffkg-sa3q-8qfq" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-rzxq-vcmu-m7h5" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-svbx-mnnb-eqbg" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" }, { "vulnerability": "VCID-uyv6-cmed-a7c3" }, { "vulnerability": "VCID-vbq8-42vx-b3hz" }, { "vulnerability": "VCID-xp3m-ntp9-6bf4" }, { "vulnerability": "VCID-yvdh-xkxd-uyb2" }, { "vulnerability": "VCID-zd9x-yen4-pkdf" }, { "vulnerability": "VCID-zts1-n99c-cuh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/77930?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vxc-sbk4-77ef" }, { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3erq-zcrk-qqaf" }, { "vulnerability": "VCID-3esk-gwz9-wfa4" }, { "vulnerability": "VCID-3s87-vf5k-cycp" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-3zd4-d2hc-87at" }, { "vulnerability": "VCID-5f52-bwtt-m3hn" }, { "vulnerability": "VCID-5m3b-x2b2-nfer" }, { "vulnerability": "VCID-5qwh-rm2h-ekc7" }, { "vulnerability": "VCID-6apy-b5ev-hkcj" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-7guk-jpt3-eka8" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-bby1-jzms-6fgm" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dk2p-s22p-hbd8" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-rzxq-vcmu-m7h5" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-svbx-mnnb-eqbg" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" }, { "vulnerability": "VCID-vbq8-42vx-b3hz" }, { "vulnerability": "VCID-xp3m-ntp9-6bf4" }, { "vulnerability": "VCID-yvdh-xkxd-uyb2" }, { "vulnerability": "VCID-zd9x-yen4-pkdf" }, { "vulnerability": "VCID-zts1-n99c-cuh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/79193?format=api", "purl": "pkg:pypi/tensorflow-cpu@2.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vxc-sbk4-77ef" }, { "vulnerability": "VCID-2vyy-ktxf-y7hj" }, { "vulnerability": "VCID-3erq-zcrk-qqaf" }, { "vulnerability": "VCID-3esk-gwz9-wfa4" }, { "vulnerability": "VCID-3s87-vf5k-cycp" }, { "vulnerability": "VCID-3yjn-h25c-v3gb" }, { "vulnerability": "VCID-3zd4-d2hc-87at" }, { "vulnerability": "VCID-5f52-bwtt-m3hn" }, { "vulnerability": "VCID-5m3b-x2b2-nfer" }, { "vulnerability": "VCID-5qwh-rm2h-ekc7" }, { "vulnerability": "VCID-6apy-b5ev-hkcj" }, { "vulnerability": "VCID-6cr3-ywr5-f7e6" }, { "vulnerability": "VCID-6nyr-2edx-5qg6" }, { "vulnerability": "VCID-77cw-2wuq-nued" }, { "vulnerability": "VCID-7guk-jpt3-eka8" }, { "vulnerability": "VCID-8dhx-4a17-rbcj" }, { "vulnerability": "VCID-9686-ufak-6ufd" }, { "vulnerability": "VCID-ayew-3cca-tyhz" }, { "vulnerability": "VCID-bby1-jzms-6fgm" }, { "vulnerability": "VCID-d6hn-ppha-buc1" }, { "vulnerability": "VCID-dbu5-btf9-2bee" }, { "vulnerability": "VCID-dgbb-1rft-7kdr" }, { "vulnerability": "VCID-djkj-bbaq-6kdr" }, { "vulnerability": "VCID-dk2p-s22p-hbd8" }, { "vulnerability": "VCID-dx1v-hfa1-xfg6" }, { "vulnerability": "VCID-f58d-1zga-jkf2" }, { "vulnerability": "VCID-gecu-uvpb-6yak" }, { "vulnerability": "VCID-gpta-cf34-vkfe" }, { "vulnerability": "VCID-hdyy-j28t-wyc1" }, { "vulnerability": "VCID-r6tc-xmds-nyhv" }, { "vulnerability": "VCID-rzxq-vcmu-m7h5" }, { "vulnerability": "VCID-s8hv-3hsb-mfca" }, { "vulnerability": "VCID-svbx-mnnb-eqbg" }, { "vulnerability": "VCID-sxk5-athp-f7f1" }, { "vulnerability": "VCID-u133-f98p-zqec" }, { "vulnerability": "VCID-uwq2-a5hb-9fhd" }, { "vulnerability": "VCID-uxg4-9qfy-tbg6" }, { "vulnerability": "VCID-vbq8-42vx-b3hz" }, { "vulnerability": "VCID-xp3m-ntp9-6bf4" }, { "vulnerability": "VCID-yvdh-xkxd-uyb2" }, { "vulnerability": "VCID-zd9x-yen4-pkdf" }, { "vulnerability": "VCID-zts1-n99c-cuh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.9.1" } ], "aliases": [ "CVE-2022-41885", "GHSA-762h-vpvw-3rcx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ux3x-2756-n3av" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-cpu@2.7.4" }