Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.tensorflow/parentpom@1.2.0
purl pkg:maven/org.tensorflow/parentpom@1.2.0
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.5
Vulnerabilities affecting this package (11)
Vulnerability Summary Fixed by
VCID-7j19-q4yr-mbcs
Aliases:
BIT-tensorflow-2020-26266
CVE-2020-26266
GHSA-qhxx-j73r-qpm2
PYSEC-2020-254
PYSEC-2020-297
PYSEC-2020-332
multiple issues There are no reported fixed by versions.
VCID-8ujy-p25s-gqdr
Aliases:
BIT-tensorflow-2020-26268
CVE-2020-26268
GHSA-hhvc-g5hv-48c6
PYSEC-2020-255
PYSEC-2020-299
PYSEC-2020-334
multiple issues There are no reported fixed by versions.
VCID-9pz7-2xny-8qfp
Aliases:
CVE-2018-8825
GHSA-frxx-2m33-6wcr
PYSEC-2019-208
PYSEC-2019-226
PYSEC-2019-233
Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code (local).
1.8.0-rc0
Affected by 4 other vulnerabilities.
1.8.0
Affected by 4 other vulnerabilities.
VCID-ecm5-58n9-7qc6
Aliases:
CVE-2018-10055
GHSA-q492-f7gr-27rp
PYSEC-2019-204
PYSEC-2019-222
PYSEC-2019-229
Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file.
1.7.1
Affected by 0 other vulnerabilities.
1.8.0-rc0
Affected by 4 other vulnerabilities.
VCID-fvnp-npvh-sycc
Aliases:
CVE-2018-7575
GHSA-mw6v-crh8-8533
PYSEC-2019-205
PYSEC-2019-223
PYSEC-2019-230
Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent.
1.8.0-rc0
Affected by 4 other vulnerabilities.
1.8.0
Affected by 4 other vulnerabilities.
VCID-fzxy-yrjq-23c2
Aliases:
CVE-2018-7576
GHSA-jfq2-rj7f-9gvf
PYSEC-2019-206
PYSEC-2019-224
PYSEC-2019-231
Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference. The type of exploitation is: context-dependent.
1.7.0-rc0
Affected by 9 other vulnerabilities.
1.7.0
Affected by 8 other vulnerabilities.
VCID-q3xx-8h4b-2kez
Aliases:
BIT-tensorflow-2020-26271
CVE-2020-26271
GHSA-q263-fvxm-m5mw
PYSEC-2020-257
PYSEC-2020-302
PYSEC-2020-337
multiple issues There are no reported fixed by versions.
VCID-rb8m-tvx8-xfdd
Aliases:
CVE-2018-7577
GHSA-qx2v-j445-g354
PYSEC-2019-207
PYSEC-2019-225
PYSEC-2019-232
Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory.
1.8.0-rc0
Affected by 4 other vulnerabilities.
1.8.0
Affected by 4 other vulnerabilities.
VCID-y251-x618-kqb1
Aliases:
BIT-tensorflow-2020-26270
CVE-2020-26270
GHSA-m648-33qf-v3gp
PYSEC-2020-256
PYSEC-2020-301
PYSEC-2020-336
multiple issues There are no reported fixed by versions.
VCID-y3ch-ejsn-3fgs
Aliases:
CVE-2018-7574
GHSA-943p-xc6m-c6gr
Out-of-bounds Read Google TensorFlow is affected by a Null Pointer Dereference vulnerability.
1.7.0-rc0
Affected by 9 other vulnerabilities.
1.7.0
Affected by 8 other vulnerabilities.
VCID-ypq1-82mr-3fcx
Aliases:
CVE-2018-21233
GHSA-h98h-8mxr-m8gx
PYSEC-2020-253
PYSEC-2020-269
PYSEC-2020-304
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decode_bmp_op.cc.
1.7.0
Affected by 8 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-01T05:59:53.856388+00:00 GitLab Importer Affected by VCID-y251-x618-kqb1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.tensorflow/parentpom/CVE-2020-26270.yml 38.6.0
2026-06-01T05:59:51.415284+00:00 GitLab Importer Affected by VCID-7j19-q4yr-mbcs https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.tensorflow/parentpom/CVE-2020-26266.yml 38.6.0
2026-06-01T05:59:50.621589+00:00 GitLab Importer Affected by VCID-8ujy-p25s-gqdr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.tensorflow/parentpom/CVE-2020-26268.yml 38.6.0
2026-06-01T05:59:49.265472+00:00 GitLab Importer Affected by VCID-q3xx-8h4b-2kez https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.tensorflow/parentpom/CVE-2020-26271.yml 38.6.0
2026-06-01T05:46:54.807215+00:00 GitLab Importer Affected by VCID-ypq1-82mr-3fcx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.tensorflow/parentpom/CVE-2018-21233.yml 38.6.0
2026-05-31T09:56:00.620460+00:00 GitLab Importer Affected by VCID-y3ch-ejsn-3fgs https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.tensorflow/parentpom/CVE-2018-7574.yml 38.6.0
2026-05-31T09:56:00.289241+00:00 GitLab Importer Affected by VCID-ecm5-58n9-7qc6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.tensorflow/parentpom/CVE-2018-10055.yml 38.6.0
2026-05-31T09:55:59.426648+00:00 GitLab Importer Affected by VCID-rb8m-tvx8-xfdd https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.tensorflow/parentpom/CVE-2018-7577.yml 38.6.0
2026-05-31T09:55:58.859940+00:00 GitLab Importer Affected by VCID-fvnp-npvh-sycc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.tensorflow/parentpom/CVE-2018-7575.yml 38.6.0
2026-05-31T09:55:58.152055+00:00 GitLab Importer Affected by VCID-fzxy-yrjq-23c2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.tensorflow/parentpom/CVE-2018-7576.yml 38.6.0
2026-05-31T09:55:57.133165+00:00 GitLab Importer Affected by VCID-9pz7-2xny-8qfp https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.tensorflow/parentpom/CVE-2018-8825.yml 38.6.0