Search for packages
| purl | pkg:pypi/tensorflow-gpu@2.7.3 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-ffkg-sa3q-8qfq
Aliases: BIT-tensorflow-2022-23592 CVE-2022-23592 GHSA-vq36-27g6-p492 PYSEC-2022-101 PYSEC-2022-156 |
Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a `DCHECK` (which is a no-op during production). An attacker can control the `input_idx` variable such that `ix` would be larger than the number of values in `node_t.args`. The fix will be included in TensorFlow 2.8.0. This is the only affected version. |
Affected by 81 other vulnerabilities. |
|
VCID-uyv6-cmed-a7c3
Aliases: BIT-tensorflow-2022-23593 CVE-2022-23593 GHSA-gwcx-jrx4-92w2 PYSEC-2022-102 PYSEC-2022-157 |
Tensorflow is an Open Source Machine Learning Framework. The `simplifyBroadcast` function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (hence, denial of service), if called with scalar shapes. If all shapes are scalar, then `maxRank` is 0, so we build an empty `SmallVector`. The fix will be included in TensorFlow 2.8.0. This is the only affected version. |
Affected by 81 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-05-31T09:43:56.208130+00:00 | PyPI Importer | Affected by | VCID-uyv6-cmed-a7c3 | https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip | 38.6.0 |
| 2026-05-31T09:43:52.771224+00:00 | PyPI Importer | Affected by | VCID-ffkg-sa3q-8qfq | https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip | 38.6.0 |
| 2026-05-30T20:29:45.555303+00:00 | Pypa Importer | Affected by | VCID-uyv6-cmed-a7c3 | https://github.com/pypa/advisory-database/blob/main/vulns/tensorflow-gpu/PYSEC-2022-157.yaml | 38.6.0 |
| 2026-05-30T20:29:44.603227+00:00 | Pypa Importer | Affected by | VCID-ffkg-sa3q-8qfq | https://github.com/pypa/advisory-database/blob/main/vulns/tensorflow-gpu/PYSEC-2022-156.yaml | 38.6.0 |