Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/tensorflow-gpu@2.8.0rc0
Typepypi
Namespace
Nametensorflow-gpu
Version2.8.0rc0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1b48-dfec-4ycn
vulnerability_id VCID-1b48-dfec-4ycn
summary TensorFlow is an open source platform for machine learning. When `tf.raw_ops.ResizeNearestNeighborGrad` is given a large `size` input, it overflows. We have patched the issue in GitHub commit 00c821af032ba9e5f5fa3fe14690c8d28a657624. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41907
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.35079
published_at 2026-06-08T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.35042
published_at 2026-06-04T12:55:00Z
2
value 0.00148
scoring_system epss
scoring_elements 0.35137
published_at 2026-06-05T12:55:00Z
3
value 0.00148
scoring_system epss
scoring_elements 0.35152
published_at 2026-06-06T12:55:00Z
4
value 0.00148
scoring_system epss
scoring_elements 0.35114
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41907
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/resize_nearest_neighbor_op.cc
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:43Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/resize_nearest_neighbor_op.cc
3
reference_url https://github.com/tensorflow/tensorflow/commit/00c821af032ba9e5f5fa3fe14690c8d28a657624
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:43Z/
url https://github.com/tensorflow/tensorflow/commit/00c821af032ba9e5f5fa3fe14690c8d28a657624
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-368v-7v32-52fx
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:43Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-368v-7v32-52fx
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41907
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41907
6
reference_url https://github.com/advisories/GHSA-368v-7v32-52fx
reference_id GHSA-368v-7v32-52fx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-368v-7v32-52fx
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41907, GHSA-368v-7v32-52fx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1b48-dfec-4ycn
1
url VCID-1jte-hpg7-gydx
vulnerability_id VCID-1jte-hpg7-gydx
summary 
Incorrect Comparison
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for `tf.raw_ops.AvgPoolGrad`, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25669
reference_id
reference_type
scores
0
value 0.00206
scoring_system epss
scoring_elements 0.42796
published_at 2026-06-04T12:55:00Z
1
value 0.00206
scoring_system epss
scoring_elements 0.4282
published_at 2026-06-08T12:55:00Z
2
value 0.00206
scoring_system epss
scoring_elements 0.42857
published_at 2026-06-07T12:55:00Z
3
value 0.00206
scoring_system epss
scoring_elements 0.42881
published_at 2026-06-06T12:55:00Z
4
value 0.00206
scoring_system epss
scoring_elements 0.4287
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25669
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/1295ae4dbb52fe06b19733b0257e2340d7b63b8d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:33:22Z/
url https://github.com/tensorflow/tensorflow/commit/1295ae4dbb52fe06b19733b0257e2340d7b63b8d
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25669
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25669
5
reference_url https://github.com/advisories/GHSA-rcf8-g8jv-vg6p
reference_id GHSA-rcf8-g8jv-vg6p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rcf8-g8jv-vg6p
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p
reference_id GHSA-rcf8-g8jv-vg6p
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:33:22Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25669, GHSA-rcf8-g8jv-vg6p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1jte-hpg7-gydx
2
url VCID-1xee-v43t-c7c4
vulnerability_id VCID-1xee-v43t-c7c4
summary TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41910
reference_id
reference_type
scores
0
value 0.00323
scoring_system epss
scoring_elements 0.55649
published_at 2026-06-07T12:55:00Z
1
value 0.00323
scoring_system epss
scoring_elements 0.55661
published_at 2026-06-06T12:55:00Z
2
value 0.00323
scoring_system epss
scoring_elements 0.55655
published_at 2026-06-05T12:55:00Z
3
value 0.00323
scoring_system epss
scoring_elements 0.5563
published_at 2026-06-08T12:55:00Z
4
value 0.00323
scoring_system epss
scoring_elements 0.55599
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41910
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221
3
reference_url https://github.com/tensorflow/tensorflow/commit/a65411a1d69edfb16b25907ffb8f73556ce36bb7
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/commit/a65411a1d69edfb16b25907ffb8f73556ce36bb7
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-frqp-wp83-qggv
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-frqp-wp83-qggv
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41910
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41910
6
reference_url https://github.com/advisories/GHSA-frqp-wp83-qggv
reference_id GHSA-frqp-wp83-qggv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-frqp-wp83-qggv
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41910, GHSA-frqp-wp83-qggv, GMS-2022-6997, GMS-2022-7005, GMS-2022-7013
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1xee-v43t-c7c4
3
url VCID-36ey-jnev-qqf8
vulnerability_id VCID-36ey-jnev-qqf8
summary 
Incorrect Comparison
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25666
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17098
published_at 2026-06-04T12:55:00Z
1
value 0.00054
scoring_system epss
scoring_elements 0.17056
published_at 2026-06-08T12:55:00Z
2
value 0.00054
scoring_system epss
scoring_elements 0.17135
published_at 2026-06-07T12:55:00Z
3
value 0.00054
scoring_system epss
scoring_elements 0.1717
published_at 2026-06-06T12:55:00Z
4
value 0.00054
scoring_system epss
scoring_elements 0.17174
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25666
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/d0d4e779da0d0f56499c6fa5ba09f0a576cc6b14
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:40:27Z/
url https://github.com/tensorflow/tensorflow/commit/d0d4e779da0d0f56499c6fa5ba09f0a576cc6b14
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25666
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25666
5
reference_url https://github.com/advisories/GHSA-f637-vh3r-vfh2
reference_id GHSA-f637-vh3r-vfh2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f637-vh3r-vfh2
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2
reference_id GHSA-f637-vh3r-vfh2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:40:27Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25666, GHSA-f637-vh3r-vfh2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-36ey-jnev-qqf8
4
url VCID-37j3-cnw5-4fch
vulnerability_id VCID-37j3-cnw5-4fch
summary 
TensorFlow has segfault in array_ops.upper_bound
`array_ops.upper_bound` causes a segfault when not given a rank 2 tensor.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-33976
reference_id
reference_type
scores
0
value 0.00036
scoring_system epss
scoring_elements 0.11156
published_at 2026-06-08T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.11236
published_at 2026-06-07T12:55:00Z
2
value 0.00036
scoring_system epss
scoring_elements 0.1127
published_at 2026-06-06T12:55:00Z
3
value 0.00036
scoring_system epss
scoring_elements 0.11278
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-33976
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/commit/6fa05df43b00038b048f4f0e51ef522da6532fec
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:13:44Z/
url https://github.com/tensorflow/tensorflow/commit/6fa05df43b00038b048f4f0e51ef522da6532fec
3
reference_url https://github.com/tensorflow/tensorflow/commit/915884fdf5df34aaedd00fc6ace33a2cfdefa586
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:13:44Z/
url https://github.com/tensorflow/tensorflow/commit/915884fdf5df34aaedd00fc6ace33a2cfdefa586
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-33976
reference_id CVE-2023-33976
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-33976
5
reference_url https://github.com/advisories/GHSA-gjh7-xx4r-x345
reference_id GHSA-gjh7-xx4r-x345
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gjh7-xx4r-x345
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gjh7-xx4r-x345
reference_id GHSA-gjh7-xx4r-x345
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:13:44Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gjh7-xx4r-x345
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.12.1
purl pkg:pypi/tensorflow-gpu@2.12.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.1
aliases CVE-2023-33976, GHSA-gjh7-xx4r-x345
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-37j3-cnw5-4fch
5
url VCID-42t9-hpd3-hufy
vulnerability_id VCID-42t9-hpd3-hufy
summary TensorFlow is an open source platform for machine learning. When `tf.raw_ops.ImageProjectiveTransformV2` is given a large output shape, it overflows. We have patched the issue in GitHub commit 8faa6ea692985dbe6ce10e1a3168e0bd60a723ba. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41886
reference_id
reference_type
scores
0
value 0.0015
scoring_system epss
scoring_elements 0.35236
published_at 2026-06-08T12:55:00Z
1
value 0.0015
scoring_system epss
scoring_elements 0.35196
published_at 2026-06-04T12:55:00Z
2
value 0.0015
scoring_system epss
scoring_elements 0.35303
published_at 2026-06-05T12:55:00Z
3
value 0.0015
scoring_system epss
scoring_elements 0.35313
published_at 2026-06-06T12:55:00Z
4
value 0.0015
scoring_system epss
scoring_elements 0.35277
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41886
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/image_ops.cc
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:32Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/image_ops.cc
3
reference_url https://github.com/tensorflow/tensorflow/commit/8faa6ea692985dbe6ce10e1a3168e0bd60a723ba
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:32Z/
url https://github.com/tensorflow/tensorflow/commit/8faa6ea692985dbe6ce10e1a3168e0bd60a723ba
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-54pp-c6pp-7fpx
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:32Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-54pp-c6pp-7fpx
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41886
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41886
6
reference_url https://github.com/advisories/GHSA-54pp-c6pp-7fpx
reference_id GHSA-54pp-c6pp-7fpx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-54pp-c6pp-7fpx
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41886, GHSA-54pp-c6pp-7fpx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-42t9-hpd3-hufy
6
url VCID-6aey-qzrr-9qdk
vulnerability_id VCID-6aey-qzrr-9qdk
summary TensorFlow is an open source platform for machine learning. Inputs `dense_features` or `example_state_data` not of rank 2 will trigger a `CHECK` fail in `SdcaOptimizer`. We have patched the issue in GitHub commit 80ff197d03db2a70c6a111f97dcdacad1b0babfa. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41899
reference_id
reference_type
scores
0
value 0.00152
scoring_system epss
scoring_elements 0.35627
published_at 2026-06-07T12:55:00Z
1
value 0.00152
scoring_system epss
scoring_elements 0.35588
published_at 2026-06-08T12:55:00Z
2
value 0.00187
scoring_system epss
scoring_elements 0.40253
published_at 2026-06-04T12:55:00Z
3
value 0.00187
scoring_system epss
scoring_elements 0.40334
published_at 2026-06-05T12:55:00Z
4
value 0.00187
scoring_system epss
scoring_elements 0.40337
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41899
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sdca_internal.cc
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:53Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sdca_internal.cc
3
reference_url https://github.com/tensorflow/tensorflow/commit/80ff197d03db2a70c6a111f97dcdacad1b0babfa
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:53Z/
url https://github.com/tensorflow/tensorflow/commit/80ff197d03db2a70c6a111f97dcdacad1b0babfa
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-27rc-728f-x5w2
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:53Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-27rc-728f-x5w2
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41899
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41899
6
reference_url https://github.com/advisories/GHSA-27rc-728f-x5w2
reference_id GHSA-27rc-728f-x5w2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-27rc-728f-x5w2
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41899, GHSA-27rc-728f-x5w2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6aey-qzrr-9qdk
7
url VCID-6f4y-m6ca-nyf6
vulnerability_id VCID-6f4y-m6ca-nyf6
summary 
NULL Pointer Dereference
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `ctx->step_containter()` is a null ptr, the Lookup function will be executed with a null pointer. A fix is included in TensorFlow 2.12.0 and 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25663
reference_id
reference_type
scores
0
value 0.00206
scoring_system epss
scoring_elements 0.42948
published_at 2026-06-04T12:55:00Z
1
value 0.00206
scoring_system epss
scoring_elements 0.42974
published_at 2026-06-08T12:55:00Z
2
value 0.00206
scoring_system epss
scoring_elements 0.4301
published_at 2026-06-07T12:55:00Z
3
value 0.00206
scoring_system epss
scoring_elements 0.4303
published_at 2026-06-06T12:55:00Z
4
value 0.00206
scoring_system epss
scoring_elements 0.43022
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25663
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/239139d2ae6a81ae9ba499ad78b56d9b2931538a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:38:12Z/
url https://github.com/tensorflow/tensorflow/commit/239139d2ae6a81ae9ba499ad78b56d9b2931538a
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25663
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25663
5
reference_url https://github.com/advisories/GHSA-64jg-wjww-7c5w
reference_id GHSA-64jg-wjww-7c5w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-64jg-wjww-7c5w
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w
reference_id GHSA-64jg-wjww-7c5w
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:38:12Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25663, GHSA-64jg-wjww-7c5w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6f4y-m6ca-nyf6
8
url VCID-6yy3-r6mh-j3e8
vulnerability_id VCID-6yy3-r6mh-j3e8
summary 
NULL Pointer Dereference
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `SparseSparseMaximum` is given invalid sparse tensors as inputs, it can give a null pointer error. A fix is included in TensorFlow version 2.12 and version 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25665
reference_id
reference_type
scores
0
value 0.00125
scoring_system epss
scoring_elements 0.31244
published_at 2026-06-04T12:55:00Z
1
value 0.00125
scoring_system epss
scoring_elements 0.31211
published_at 2026-06-08T12:55:00Z
2
value 0.00125
scoring_system epss
scoring_elements 0.31243
published_at 2026-06-07T12:55:00Z
3
value 0.00125
scoring_system epss
scoring_elements 0.31278
published_at 2026-06-06T12:55:00Z
4
value 0.00125
scoring_system epss
scoring_elements 0.31312
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25665
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/5e0ecfb42f5f65629fd7a4edd6c4afe7ff0feb04
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:30:58Z/
url https://github.com/tensorflow/tensorflow/commit/5e0ecfb42f5f65629fd7a4edd6c4afe7ff0feb04
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25665
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25665
5
reference_url https://github.com/advisories/GHSA-558h-mq8x-7q9g
reference_id GHSA-558h-mq8x-7q9g
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-558h-mq8x-7q9g
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g
reference_id GHSA-558h-mq8x-7q9g
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:30:58Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25665, GHSA-558h-mq8x-7q9g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6yy3-r6mh-j3e8
9
url VCID-71dj-4wgv-dkfa
vulnerability_id VCID-71dj-4wgv-dkfa
summary TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41902
reference_id
reference_type
scores
0
value 0.00295
scoring_system epss
scoring_elements 0.53077
published_at 2026-06-08T12:55:00Z
1
value 0.00295
scoring_system epss
scoring_elements 0.53052
published_at 2026-06-04T12:55:00Z
2
value 0.00295
scoring_system epss
scoring_elements 0.53113
published_at 2026-06-05T12:55:00Z
3
value 0.00295
scoring_system epss
scoring_elements 0.53121
published_at 2026-06-06T12:55:00Z
4
value 0.00295
scoring_system epss
scoring_elements 0.53102
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41902
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:46:08Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221
3
reference_url https://github.com/tensorflow/tensorflow/commit/a65411a1d69edfb16b25907ffb8f73556ce36bb7
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:46:08Z/
url https://github.com/tensorflow/tensorflow/commit/a65411a1d69edfb16b25907ffb8f73556ce36bb7
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cg88-rpvp-cjv5
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:46:08Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cg88-rpvp-cjv5
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41902
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41902
6
reference_url https://github.com/advisories/GHSA-cg88-rpvp-cjv5
reference_id GHSA-cg88-rpvp-cjv5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cg88-rpvp-cjv5
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41902, GHSA-cg88-rpvp-cjv5, GMS-2022-6995, GMS-2022-7003, GMS-2022-7011
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-71dj-4wgv-dkfa
10
url VCID-8nt4-mp8z-b3et
vulnerability_id VCID-8nt4-mp8z-b3et
summary 
Double Free
TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, `nn_ops.fractional_avg_pool_v2` and `nn_ops.fractional_max_pool_v2` require the first and fourth elements of their parameter `pooling_ratio` to be equal to 1.0, as pooling on batch and channel dimensions is not supported. A fix is included in TensorFlow 2.12.0 and 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25801
reference_id
reference_type
scores
0
value 0.00088
scoring_system epss
scoring_elements 0.25139
published_at 2026-06-04T12:55:00Z
1
value 0.00088
scoring_system epss
scoring_elements 0.25112
published_at 2026-06-08T12:55:00Z
2
value 0.00088
scoring_system epss
scoring_elements 0.2517
published_at 2026-06-07T12:55:00Z
3
value 0.00088
scoring_system epss
scoring_elements 0.2522
published_at 2026-06-06T12:55:00Z
4
value 0.00088
scoring_system epss
scoring_elements 0.25235
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25801
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/ee50d1e00f81f62a4517453f721c634bbb478307
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:44:21Z/
url https://github.com/tensorflow/tensorflow/commit/ee50d1e00f81f62a4517453f721c634bbb478307
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25801
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25801
5
reference_url https://github.com/advisories/GHSA-f49c-87jh-g47q
reference_id GHSA-f49c-87jh-g47q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f49c-87jh-g47q
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f49c-87jh-g47q
reference_id GHSA-f49c-87jh-g47q
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:44:21Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f49c-87jh-g47q
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25801, GHSA-f49c-87jh-g47q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8nt4-mp8z-b3et
11
url VCID-a2bj-bk9e-7fdw
vulnerability_id VCID-a2bj-bk9e-7fdw
summary TensorFlow is an open source platform for machine learning. If `tf.raw_ops.TensorListConcat` is given `element_shape=[]`, it results segmentation fault which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit fc33f3dc4c14051a83eec6535b608abe1d355fde. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41891
reference_id
reference_type
scores
0
value 0.00152
scoring_system epss
scoring_elements 0.35627
published_at 2026-06-07T12:55:00Z
1
value 0.00152
scoring_system epss
scoring_elements 0.35588
published_at 2026-06-08T12:55:00Z
2
value 0.00187
scoring_system epss
scoring_elements 0.40253
published_at 2026-06-04T12:55:00Z
3
value 0.00187
scoring_system epss
scoring_elements 0.40334
published_at 2026-06-05T12:55:00Z
4
value 0.00187
scoring_system epss
scoring_elements 0.40337
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41891
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/list_kernels.h
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:16Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/list_kernels.h
3
reference_url https://github.com/tensorflow/tensorflow/commit/fc33f3dc4c14051a83eec6535b608abe1d355fde
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:16Z/
url https://github.com/tensorflow/tensorflow/commit/fc33f3dc4c14051a83eec6535b608abe1d355fde
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-66vq-54fq-6jvv
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:16Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-66vq-54fq-6jvv
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41891
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41891
6
reference_url https://github.com/advisories/GHSA-66vq-54fq-6jvv
reference_id GHSA-66vq-54fq-6jvv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-66vq-54fq-6jvv
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41891, GHSA-66vq-54fq-6jvv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a2bj-bk9e-7fdw
12
url VCID-b31k-j7yk-muhz
vulnerability_id VCID-b31k-j7yk-muhz
summary 
Heap-based Buffer Overflow
TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick this commit on TensorFlow version 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25668
reference_id
reference_type
scores
0
value 0.01465
scoring_system epss
scoring_elements 0.81228
published_at 2026-06-04T12:55:00Z
1
value 0.01465
scoring_system epss
scoring_elements 0.81251
published_at 2026-06-08T12:55:00Z
2
value 0.01465
scoring_system epss
scoring_elements 0.81255
published_at 2026-06-07T12:55:00Z
3
value 0.01465
scoring_system epss
scoring_elements 0.81258
published_at 2026-06-06T12:55:00Z
4
value 0.01465
scoring_system epss
scoring_elements 0.81256
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25668
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/7b174a0f2e40ff3f3aa957aecddfd5aaae35eccb
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:32:32Z/
url https://github.com/tensorflow/tensorflow/commit/7b174a0f2e40ff3f3aa957aecddfd5aaae35eccb
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25668
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25668
5
reference_url https://github.com/advisories/GHSA-gw97-ff7c-9v96
reference_id GHSA-gw97-ff7c-9v96
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gw97-ff7c-9v96
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gw97-ff7c-9v96
reference_id GHSA-gw97-ff7c-9v96
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:32:32Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gw97-ff7c-9v96
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25668, GHSA-gw97-ff7c-9v96
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b31k-j7yk-muhz
13
url VCID-bmq7-ywhj-w3ap
vulnerability_id VCID-bmq7-ywhj-w3ap
summary TensorFlow is an open source platform for machine learning. If `FractionMaxPoolGrad` is given outsize inputs `row_pooling_sequence` and `col_pooling_sequence`, TensorFlow will crash. We have patched the issue in GitHub commit d71090c3e5ca325bdf4b02eb236cfb3ee823e927. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41897
reference_id
reference_type
scores
0
value 0.0015
scoring_system epss
scoring_elements 0.35236
published_at 2026-06-08T12:55:00Z
1
value 0.0015
scoring_system epss
scoring_elements 0.35196
published_at 2026-06-04T12:55:00Z
2
value 0.0015
scoring_system epss
scoring_elements 0.35303
published_at 2026-06-05T12:55:00Z
3
value 0.0015
scoring_system epss
scoring_elements 0.35313
published_at 2026-06-06T12:55:00Z
4
value 0.0015
scoring_system epss
scoring_elements 0.35277
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41897
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/fractional_max_pool_op.cc
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:01Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/fractional_max_pool_op.cc
3
reference_url https://github.com/tensorflow/tensorflow/commit/d71090c3e5ca325bdf4b02eb236cfb3ee823e927
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:01Z/
url https://github.com/tensorflow/tensorflow/commit/d71090c3e5ca325bdf4b02eb236cfb3ee823e927
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2w8-jw48-fr7j
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:01Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2w8-jw48-fr7j
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41897
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41897
6
reference_url https://github.com/advisories/GHSA-f2w8-jw48-fr7j
reference_id GHSA-f2w8-jw48-fr7j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f2w8-jw48-fr7j
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41897, GHSA-f2w8-jw48-fr7j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bmq7-ywhj-w3ap
14
url VCID-c1qd-61t7-2fe3
vulnerability_id VCID-c1qd-61t7-2fe3
summary 
Integer Overflow or Wraparound
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when `2^31 <= num_frames * height * width * channels < 2^32`, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25667
reference_id
reference_type
scores
0
value 0.00211
scoring_system epss
scoring_elements 0.43581
published_at 2026-06-04T12:55:00Z
1
value 0.00211
scoring_system epss
scoring_elements 0.43605
published_at 2026-06-08T12:55:00Z
2
value 0.00211
scoring_system epss
scoring_elements 0.43639
published_at 2026-06-07T12:55:00Z
3
value 0.00211
scoring_system epss
scoring_elements 0.43663
published_at 2026-06-06T12:55:00Z
4
value 0.00211
scoring_system epss
scoring_elements 0.43652
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25667
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/8dc723fcdd1a6127d6c970bd2ecb18b019a1a58d
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:39:37Z/
url https://github.com/tensorflow/tensorflow/commit/8dc723fcdd1a6127d6c970bd2ecb18b019a1a58d
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25667
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25667
5
reference_url https://github.com/advisories/GHSA-fqm2-gh8w-gr68
reference_id GHSA-fqm2-gh8w-gr68
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fqm2-gh8w-gr68
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqm2-gh8w-gr68
reference_id GHSA-fqm2-gh8w-gr68
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:39:37Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqm2-gh8w-gr68
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25667, GHSA-fqm2-gh8w-gr68
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c1qd-61t7-2fe3
15
url VCID-cvdm-ubbq-63ew
vulnerability_id VCID-cvdm-ubbq-63ew
summary 
NULL Pointer Dereference
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when the parameter `summarize` of `tf.raw_ops.Print` is zero, the new method `SummarizeArray<bool>` will reference to a nullptr, leading to a seg fault. A fix is included in TensorFlow version 2.12 and version 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25660
reference_id
reference_type
scores
0
value 0.0024
scoring_system epss
scoring_elements 0.47226
published_at 2026-06-04T12:55:00Z
1
value 0.0024
scoring_system epss
scoring_elements 0.47245
published_at 2026-06-08T12:55:00Z
2
value 0.0024
scoring_system epss
scoring_elements 0.47275
published_at 2026-06-07T12:55:00Z
3
value 0.0024
scoring_system epss
scoring_elements 0.47293
published_at 2026-06-06T12:55:00Z
4
value 0.0024
scoring_system epss
scoring_elements 0.47291
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25660
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/6d423b8bcc9aa9f5554dc988c1c16d038b508df1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:30:06Z/
url https://github.com/tensorflow/tensorflow/commit/6d423b8bcc9aa9f5554dc988c1c16d038b508df1
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25660
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25660
5
reference_url https://github.com/advisories/GHSA-qjqc-vqcf-5qvj
reference_id GHSA-qjqc-vqcf-5qvj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qjqc-vqcf-5qvj
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj
reference_id GHSA-qjqc-vqcf-5qvj
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:30:06Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25660, GHSA-qjqc-vqcf-5qvj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cvdm-ubbq-63ew
16
url VCID-d3k4-z4f1-hfhy
vulnerability_id VCID-d3k4-z4f1-hfhy
summary Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a `DCHECK` (which is a no-op during production). An attacker can control the `input_idx` variable such that `ix` would be larger than the number of values in `node_t.args`. The fix will be included in TensorFlow 2.8.0. This is the only affected version.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23592
reference_id
reference_type
scores
0
value 0.00316
scoring_system epss
scoring_elements 0.54967
published_at 2026-06-04T12:55:00Z
1
value 0.00316
scoring_system epss
scoring_elements 0.55006
published_at 2026-06-08T12:55:00Z
2
value 0.00316
scoring_system epss
scoring_elements 0.55024
published_at 2026-06-07T12:55:00Z
3
value 0.00316
scoring_system epss
scoring_elements 0.55033
published_at 2026-06-06T12:55:00Z
4
value 0.00316
scoring_system epss
scoring_elements 0.55025
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23592
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-101.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-101.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-156.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-156.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L223-L229
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:19Z/
url https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L223-L229
5
reference_url https://github.com/tensorflow/tensorflow/commit/c99d98cd189839dcf51aee94e7437b54b31f8abd
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:19Z/
url https://github.com/tensorflow/tensorflow/commit/c99d98cd189839dcf51aee94e7437b54b31f8abd
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vq36-27g6-p492
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:19Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vq36-27g6-p492
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23592
reference_id CVE-2022-23592
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23592
8
reference_url https://github.com/advisories/GHSA-vq36-27g6-p492
reference_id GHSA-vq36-27g6-p492
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vq36-27g6-p492
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.0
purl pkg:pypi/tensorflow-gpu@2.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-124y-9kpj-p7aj
1
vulnerability VCID-1b48-dfec-4ycn
2
vulnerability VCID-1fjg-c139-1yf1
3
vulnerability VCID-1g5s-7at3-ckfn
4
vulnerability VCID-1jte-hpg7-gydx
5
vulnerability VCID-1m8h-cgum-nkd2
6
vulnerability VCID-1xee-v43t-c7c4
7
vulnerability VCID-23fs-9e1j-tbdu
8
vulnerability VCID-2ycd-39t1-zfhs
9
vulnerability VCID-34ue-dphj-8ka5
10
vulnerability VCID-36ey-jnev-qqf8
11
vulnerability VCID-37j3-cnw5-4fch
12
vulnerability VCID-3dgz-dzdx-8kgz
13
vulnerability VCID-3ev9-u7cm-tbct
14
vulnerability VCID-3jab-qtww-47eq
15
vulnerability VCID-3kva-8fv8-ukaa
16
vulnerability VCID-3rtn-hnmg-dugs
17
vulnerability VCID-3v2x-fcff-2kfn
18
vulnerability VCID-42t9-hpd3-hufy
19
vulnerability VCID-4632-rf32-xfgg
20
vulnerability VCID-4gct-hv2n-8fes
21
vulnerability VCID-542f-yjje-zfad
22
vulnerability VCID-5qdx-9g76-3ugr
23
vulnerability VCID-5r5f-1mgp-x3hh
24
vulnerability VCID-63yf-6n3f-uugw
25
vulnerability VCID-6aey-qzrr-9qdk
26
vulnerability VCID-6f4y-m6ca-nyf6
27
vulnerability VCID-6fzx-5d86-fqcg
28
vulnerability VCID-6yy3-r6mh-j3e8
29
vulnerability VCID-71dj-4wgv-dkfa
30
vulnerability VCID-7qsc-g2q6-yyev
31
vulnerability VCID-8h8c-hzce-sqby
32
vulnerability VCID-8nt4-mp8z-b3et
33
vulnerability VCID-9tbn-pjhn-5bdk
34
vulnerability VCID-a2bj-bk9e-7fdw
35
vulnerability VCID-a5ey-dfsw-vfaz
36
vulnerability VCID-ac5u-fzwq-k3bk
37
vulnerability VCID-adbe-gm2b-g7h4
38
vulnerability VCID-an2q-1spn-gfgz
39
vulnerability VCID-b31k-j7yk-muhz
40
vulnerability VCID-b51p-mfd9-fqge
41
vulnerability VCID-b6g8-7vy6-gqh7
42
vulnerability VCID-bckg-ymqp-eyg6
43
vulnerability VCID-bhtq-drn4-pqfw
44
vulnerability VCID-bjcs-f4yp-skc3
45
vulnerability VCID-bmq7-ywhj-w3ap
46
vulnerability VCID-budt-6suv-87fk
47
vulnerability VCID-c1qd-61t7-2fe3
48
vulnerability VCID-c7xx-8n31-dkd8
49
vulnerability VCID-cnnv-k1mq-bycd
50
vulnerability VCID-cvdm-ubbq-63ew
51
vulnerability VCID-d1xg-zvu2-pfcf
52
vulnerability VCID-dftm-vs4w-kfag
53
vulnerability VCID-dvpe-15m7-puh4
54
vulnerability VCID-e8a2-ny5z-73au
55
vulnerability VCID-efrr-vytn-nbfk
56
vulnerability VCID-ekmw-8ekq-1bfq
57
vulnerability VCID-eqjg-vnm4-pbgx
58
vulnerability VCID-eqp9-vbjw-uye1
59
vulnerability VCID-eseh-ekjx-yffk
60
vulnerability VCID-ev9c-cxzc-p7hb
61
vulnerability VCID-f85h-49x9-7qdw
62
vulnerability VCID-g5du-95mm-uqdv
63
vulnerability VCID-ghqz-dfeq-rygz
64
vulnerability VCID-gt24-f126-akej
65
vulnerability VCID-gv1k-p9qb-qug3
66
vulnerability VCID-h18h-987d-q7he
67
vulnerability VCID-h9va-2q1u-nfeq
68
vulnerability VCID-hk5u-5r79-67ee
69
vulnerability VCID-hm4p-s6xd-8uf5
70
vulnerability VCID-j7jy-3r33-x7fy
71
vulnerability VCID-juat-vtcr-xbg3
72
vulnerability VCID-k2ms-13kz-4bgg
73
vulnerability VCID-k3am-7v2s-xqb9
74
vulnerability VCID-kafn-vb69-tub3
75
vulnerability VCID-kb5d-pyxb-4fe9
76
vulnerability VCID-kkbz-sb6d-nkb9
77
vulnerability VCID-kzhb-zzzm-ebe1
78
vulnerability VCID-mj52-z2qy-4bd8
79
vulnerability VCID-mpr8-1wz2-kfgv
80
vulnerability VCID-mtkv-vxpu-m3fu
81
vulnerability VCID-njmm-n794-tqcr
82
vulnerability VCID-nkyd-wte8-zbc8
83
vulnerability VCID-nn1z-3z62-5fby
84
vulnerability VCID-nttr-e3uq-tbew
85
vulnerability VCID-ppev-q19c-jfcd
86
vulnerability VCID-pw2j-ex1f-wkgd
87
vulnerability VCID-q2hk-yjnj-jbfb
88
vulnerability VCID-q8m1-bjce-67bd
89
vulnerability VCID-qh3y-aeak-u3hg
90
vulnerability VCID-qhtm-u49u-zyeg
91
vulnerability VCID-qp8b-wyj4-h7e4
92
vulnerability VCID-r11x-hcqs-cfgb
93
vulnerability VCID-r14r-z3cv-1qa6
94
vulnerability VCID-r3y2-x3nx-67ac
95
vulnerability VCID-raep-npkq-b3fx
96
vulnerability VCID-rdtn-n88f-pqas
97
vulnerability VCID-rh99-4vre-gfde
98
vulnerability VCID-rth4-8c4m-f3gd
99
vulnerability VCID-scvf-p5ff-c3df
100
vulnerability VCID-sevq-49gc-k3eh
101
vulnerability VCID-shq8-1n4y-vkc5
102
vulnerability VCID-t2dj-e6dk-m7f2
103
vulnerability VCID-tuqw-n8ka-jfht
104
vulnerability VCID-udmn-j2p9-xuez
105
vulnerability VCID-uhxa-me3d-sbhj
106
vulnerability VCID-upnq-6wx8-gug8
107
vulnerability VCID-urkj-g83d-xkh8
108
vulnerability VCID-uucj-un2y-h7h8
109
vulnerability VCID-v68f-q5vf-wkf5
110
vulnerability VCID-vpg8-m282-bbfb
111
vulnerability VCID-vtgx-x9t1-eyb1
112
vulnerability VCID-vxm3-72uk-zbb8
113
vulnerability VCID-w316-z2dk-sbdy
114
vulnerability VCID-w5vq-nwu5-pken
115
vulnerability VCID-wdks-wa1n-ckhx
116
vulnerability VCID-wvbd-6s6n-fqdz
117
vulnerability VCID-x2hf-a9qm-t3du
118
vulnerability VCID-x7s3-qyrt-mbat
119
vulnerability VCID-xej2-7wvk-xuec
120
vulnerability VCID-xuzj-9346-tuf3
121
vulnerability VCID-ybth-xfxp-c7fu
122
vulnerability VCID-yrtd-47vc-muff
123
vulnerability VCID-yy9b-ymk2-5kea
124
vulnerability VCID-zc2s-1rty-hyd9
125
vulnerability VCID-zfqe-wftj-nke3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.0
aliases BIT-tensorflow-2022-23592, CVE-2022-23592, GHSA-vq36-27g6-p492, PYSEC-2022-101, PYSEC-2022-156
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d3k4-z4f1-hfhy
17
url VCID-dftm-vs4w-kfag
vulnerability_id VCID-dftm-vs4w-kfag
summary 
Heap-based Buffer Overflow
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25664
reference_id
reference_type
scores
0
value 0.0009
scoring_system epss
scoring_elements 0.25581
published_at 2026-06-04T12:55:00Z
1
value 0.0009
scoring_system epss
scoring_elements 0.25568
published_at 2026-06-08T12:55:00Z
2
value 0.0009
scoring_system epss
scoring_elements 0.25626
published_at 2026-06-07T12:55:00Z
3
value 0.0009
scoring_system epss
scoring_elements 0.25674
published_at 2026-06-06T12:55:00Z
4
value 0.0009
scoring_system epss
scoring_elements 0.25683
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25664
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/ddaac2bdd099bec5d7923dea45276a7558217e5b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:38:56Z/
url https://github.com/tensorflow/tensorflow/commit/ddaac2bdd099bec5d7923dea45276a7558217e5b
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25664
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25664
5
reference_url https://github.com/advisories/GHSA-6hg6-5c2q-7rcr
reference_id GHSA-6hg6-5c2q-7rcr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6hg6-5c2q-7rcr
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hg6-5c2q-7rcr
reference_id GHSA-6hg6-5c2q-7rcr
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:38:56Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hg6-5c2q-7rcr
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25664, GHSA-6hg6-5c2q-7rcr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dftm-vs4w-kfag
18
url VCID-dvpe-15m7-puh4
vulnerability_id VCID-dvpe-15m7-puh4
summary TensorFlow is an open source platform for machine learning. If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a `nullptr`, which is not caught. An example can be seen in `tf.compat.v1.extract_volume_patches` by passing in quantized tensors as input `ksizes`. We have patched the issue in GitHub commit e9e95553e5411834d215e6770c81a83a3d0866ce. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41889
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31003
published_at 2026-06-08T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31038
published_at 2026-06-04T12:55:00Z
2
value 0.00123
scoring_system epss
scoring_elements 0.31103
published_at 2026-06-05T12:55:00Z
3
value 0.00123
scoring_system epss
scoring_elements 0.3107
published_at 2026-06-06T12:55:00Z
4
value 0.00123
scoring_system epss
scoring_elements 0.31036
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41889
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/generate_box_proposals_op.cu.cc
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:23Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/generate_box_proposals_op.cu.cc
3
reference_url https://github.com/tensorflow/tensorflow/commit/e9e95553e5411834d215e6770c81a83a3d0866ce
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:23Z/
url https://github.com/tensorflow/tensorflow/commit/e9e95553e5411834d215e6770c81a83a3d0866ce
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xxcj-rhqg-m46g
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:23Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xxcj-rhqg-m46g
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41889
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41889
6
reference_url https://github.com/advisories/GHSA-xxcj-rhqg-m46g
reference_id GHSA-xxcj-rhqg-m46g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xxcj-rhqg-m46g
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41889, GHSA-xxcj-rhqg-m46g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dvpe-15m7-puh4
19
url VCID-e8a2-ny5z-73au
vulnerability_id VCID-e8a2-ny5z-73au
summary 
`CHECK` failure in `SobolSample` via missing validation
### Impact
Another instance of CVE-2022-35935, where `SobolSample` is vulnerable to a denial of service via assumed scalar inputs, was found and fixed.
```python
import tensorflow as tf
tf.raw_ops.SobolSample(dim=tf.constant([1,0]), num_results=tf.constant([1]), skip=tf.constant([1]))
```

### Patches
We have patched the issue in GitHub commits [c65c67f88ad770662e8f191269a907bf2b94b1bf](https://github.com/tensorflow/tensorflow/commit/c65c67f88ad770662e8f191269a907bf2b94b1bf) and [02400ea266bd811fc016a848445de1bbff3a23a0](https://github.com/tensorflow/tensorflow/commit/02400ea266bd811fc016a848445de1bbff3a23a0)

The fix will be included in TensorFlow 2.11. We will also cherrypick both commits on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. TensorFlow 2.7.4 will have the first commit cherrypicked.


### For more information
Please consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.


### Attribution
This vulnerability has been reported by:
- Kang Hong Jin from Singapore Management University
- Neophytos Christou, Secure Systems Labs, Brown University
- 刘力源, Information System & Security and Countermeasures Experiments Center, Beijing Institute of Technology
- Pattarakrit Rattankul
references
0
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
1
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqvq-fvhr-v6hc
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqvq-fvhr-v6hc
2
reference_url https://github.com/advisories/GHSA-cqvq-fvhr-v6hc
reference_id GHSA-cqvq-fvhr-v6hc
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cqvq-fvhr-v6hc
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases GHSA-cqvq-fvhr-v6hc, GMS-2022-6996, GMS-2022-7004, GMS-2022-7012
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e8a2-ny5z-73au
20
url VCID-ekmw-8ekq-1bfq
vulnerability_id VCID-ekmw-8ekq-1bfq
summary TensorFlow is an open source platform for machine learning. An input `sparse_matrix` that is not a matrix with a shape with rank 0 will trigger a `CHECK` fail in `tf.raw_ops.SparseMatrixNNZ`. We have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41901
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52276
published_at 2026-06-07T12:55:00Z
1
value 0.00285
scoring_system epss
scoring_elements 0.52247
published_at 2026-06-08T12:55:00Z
2
value 0.0035
scoring_system epss
scoring_elements 0.57725
published_at 2026-06-04T12:55:00Z
3
value 0.0035
scoring_system epss
scoring_elements 0.57785
published_at 2026-06-06T12:55:00Z
4
value 0.0035
scoring_system epss
scoring_elements 0.57777
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41901
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sparse/sparse_matrix.h
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sparse/sparse_matrix.h
3
reference_url https://github.com/tensorflow/tensorflow/commit/f856d02e5322821aad155dad9b3acab1e9f5d693
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/commit/f856d02e5322821aad155dad9b3acab1e9f5d693
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9fm-r5mm-rf9f
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9fm-r5mm-rf9f
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41901
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41901
6
reference_url https://github.com/advisories/GHSA-g9fm-r5mm-rf9f
reference_id GHSA-g9fm-r5mm-rf9f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g9fm-r5mm-rf9f
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41901, GHSA-g9fm-r5mm-rf9f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ekmw-8ekq-1bfq
21
url VCID-eseh-ekjx-yffk
vulnerability_id VCID-eseh-ekjx-yffk
summary TensorFlow is an open source platform for machine learning. If `tf.raw_ops.TensorListResize` is given a nonscalar value for input `size`, it results `CHECK` fail which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 888e34b49009a4e734c27ab0c43b0b5102682c56. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41893
reference_id
reference_type
scores
0
value 0.00195
scoring_system epss
scoring_elements 0.41225
published_at 2026-06-08T12:55:00Z
1
value 0.00195
scoring_system epss
scoring_elements 0.41205
published_at 2026-06-04T12:55:00Z
2
value 0.00195
scoring_system epss
scoring_elements 0.41282
published_at 2026-06-05T12:55:00Z
3
value 0.00195
scoring_system epss
scoring_elements 0.41286
published_at 2026-06-06T12:55:00Z
4
value 0.00195
scoring_system epss
scoring_elements 0.41255
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41893
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/list_kernels.cc
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:13Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/list_kernels.cc
3
reference_url https://github.com/tensorflow/tensorflow/commit/888e34b49009a4e734c27ab0c43b0b5102682c56
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:13Z/
url https://github.com/tensorflow/tensorflow/commit/888e34b49009a4e734c27ab0c43b0b5102682c56
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-67pf-62xr-q35m
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:13Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-67pf-62xr-q35m
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41893
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41893
6
reference_url https://github.com/advisories/GHSA-67pf-62xr-q35m
reference_id GHSA-67pf-62xr-q35m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-67pf-62xr-q35m
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41893, GHSA-67pf-62xr-q35m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eseh-ekjx-yffk
22
url VCID-ev9c-cxzc-p7hb
vulnerability_id VCID-ev9c-cxzc-p7hb
summary 
Integer Overflow or Wraparound
TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 is vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25662
reference_id
reference_type
scores
0
value 0.00151
scoring_system epss
scoring_elements 0.35456
published_at 2026-06-04T12:55:00Z
1
value 0.00151
scoring_system epss
scoring_elements 0.35485
published_at 2026-06-08T12:55:00Z
2
value 0.00151
scoring_system epss
scoring_elements 0.35524
published_at 2026-06-07T12:55:00Z
3
value 0.00151
scoring_system epss
scoring_elements 0.35562
published_at 2026-06-06T12:55:00Z
4
value 0.00151
scoring_system epss
scoring_elements 0.35551
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25662
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/08b8e18643d6dcde00890733b270ff8d9960c56c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:37:26Z/
url https://github.com/tensorflow/tensorflow/commit/08b8e18643d6dcde00890733b270ff8d9960c56c
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25662
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25662
5
reference_url https://github.com/advisories/GHSA-7jvm-xxmr-v5cw
reference_id GHSA-7jvm-xxmr-v5cw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7jvm-xxmr-v5cw
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7jvm-xxmr-v5cw
reference_id GHSA-7jvm-xxmr-v5cw
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:37:26Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7jvm-xxmr-v5cw
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25662, GHSA-7jvm-xxmr-v5cw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ev9c-cxzc-p7hb
23
url VCID-ghqz-dfeq-rygz
vulnerability_id VCID-ghqz-dfeq-rygz
summary TensorFlow is an open source platform for machine learning. If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. We have patched the issue in GitHub commit 2b56169c16e375c521a3bc8ea658811cc0793784. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41884
reference_id
reference_type
scores
0
value 0.00133
scoring_system epss
scoring_elements 0.32381
published_at 2026-06-04T12:55:00Z
1
value 0.00133
scoring_system epss
scoring_elements 0.32421
published_at 2026-06-06T12:55:00Z
2
value 0.00133
scoring_system epss
scoring_elements 0.32452
published_at 2026-06-05T12:55:00Z
3
value 0.00149
scoring_system epss
scoring_elements 0.35169
published_at 2026-06-07T12:55:00Z
4
value 0.00149
scoring_system epss
scoring_elements 0.35134
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41884
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/commit/2b56169c16e375c521a3bc8ea658811cc0793784
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/commit/2b56169c16e375c521a3bc8ea658811cc0793784
3
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41884
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41884
5
reference_url https://github.com/advisories/GHSA-jq6x-99hj-q636
reference_id GHSA-jq6x-99hj-q636
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jq6x-99hj-q636
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41884, GHSA-jq6x-99hj-q636
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ghqz-dfeq-rygz
24
url VCID-h18h-987d-q7he
vulnerability_id VCID-h18h-987d-q7he
summary 
Incorrect Comparison
TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater `filter_input_channel` of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-27579
reference_id
reference_type
scores
0
value 0.00206
scoring_system epss
scoring_elements 0.4287
published_at 2026-06-05T12:55:00Z
1
value 0.00206
scoring_system epss
scoring_elements 0.4282
published_at 2026-06-08T12:55:00Z
2
value 0.00206
scoring_system epss
scoring_elements 0.42857
published_at 2026-06-07T12:55:00Z
3
value 0.00206
scoring_system epss
scoring_elements 0.42881
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-27579
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/34f8368c535253f5c9cb3a303297743b62442aaa
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:44:58Z/
url https://github.com/tensorflow/tensorflow/commit/34f8368c535253f5c9cb3a303297743b62442aaa
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-27579
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-27579
5
reference_url https://github.com/advisories/GHSA-5w96-866f-6rm8
reference_id GHSA-5w96-866f-6rm8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5w96-866f-6rm8
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5w96-866f-6rm8
reference_id GHSA-5w96-866f-6rm8
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:44:58Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5w96-866f-6rm8
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-27579, GHSA-5w96-866f-6rm8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h18h-987d-q7he
25
url VCID-hcud-kg7b-zyhx
vulnerability_id VCID-hcud-kg7b-zyhx
summary Tensorflow is an Open Source Machine Learning Framework. The `simplifyBroadcast` function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (hence, denial of service), if called with scalar shapes. If all shapes are scalar, then `maxRank` is 0, so we build an empty `SmallVector`. The fix will be included in TensorFlow 2.8.0. This is the only affected version.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23593
reference_id
reference_type
scores
0
value 0.00309
scoring_system epss
scoring_elements 0.54351
published_at 2026-06-04T12:55:00Z
1
value 0.00309
scoring_system epss
scoring_elements 0.54384
published_at 2026-06-08T12:55:00Z
2
value 0.00309
scoring_system epss
scoring_elements 0.54407
published_at 2026-06-07T12:55:00Z
3
value 0.00309
scoring_system epss
scoring_elements 0.54417
published_at 2026-06-06T12:55:00Z
4
value 0.00309
scoring_system epss
scoring_elements 0.54408
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23593
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-102.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-102.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-157.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-157.yaml
3
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
4
reference_url https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/mlir/tfrt/jit/transforms/tf_cpurt_symbolic_shape_optimization.cc#L149-L205
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/mlir/tfrt/jit/transforms/tf_cpurt_symbolic_shape_optimization.cc#L149-L205
5
reference_url https://github.com/tensorflow/tensorflow/commit/35f0fabb4c178253a964d7aabdbb15c6a398b69a
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/commit/35f0fabb4c178253a964d7aabdbb15c6a398b69a
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gwcx-jrx4-92w2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gwcx-jrx4-92w2
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23593
reference_id CVE-2022-23593
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23593
8
reference_url https://github.com/advisories/GHSA-gwcx-jrx4-92w2
reference_id GHSA-gwcx-jrx4-92w2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gwcx-jrx4-92w2
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.0
purl pkg:pypi/tensorflow-gpu@2.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-124y-9kpj-p7aj
1
vulnerability VCID-1b48-dfec-4ycn
2
vulnerability VCID-1fjg-c139-1yf1
3
vulnerability VCID-1g5s-7at3-ckfn
4
vulnerability VCID-1jte-hpg7-gydx
5
vulnerability VCID-1m8h-cgum-nkd2
6
vulnerability VCID-1xee-v43t-c7c4
7
vulnerability VCID-23fs-9e1j-tbdu
8
vulnerability VCID-2ycd-39t1-zfhs
9
vulnerability VCID-34ue-dphj-8ka5
10
vulnerability VCID-36ey-jnev-qqf8
11
vulnerability VCID-37j3-cnw5-4fch
12
vulnerability VCID-3dgz-dzdx-8kgz
13
vulnerability VCID-3ev9-u7cm-tbct
14
vulnerability VCID-3jab-qtww-47eq
15
vulnerability VCID-3kva-8fv8-ukaa
16
vulnerability VCID-3rtn-hnmg-dugs
17
vulnerability VCID-3v2x-fcff-2kfn
18
vulnerability VCID-42t9-hpd3-hufy
19
vulnerability VCID-4632-rf32-xfgg
20
vulnerability VCID-4gct-hv2n-8fes
21
vulnerability VCID-542f-yjje-zfad
22
vulnerability VCID-5qdx-9g76-3ugr
23
vulnerability VCID-5r5f-1mgp-x3hh
24
vulnerability VCID-63yf-6n3f-uugw
25
vulnerability VCID-6aey-qzrr-9qdk
26
vulnerability VCID-6f4y-m6ca-nyf6
27
vulnerability VCID-6fzx-5d86-fqcg
28
vulnerability VCID-6yy3-r6mh-j3e8
29
vulnerability VCID-71dj-4wgv-dkfa
30
vulnerability VCID-7qsc-g2q6-yyev
31
vulnerability VCID-8h8c-hzce-sqby
32
vulnerability VCID-8nt4-mp8z-b3et
33
vulnerability VCID-9tbn-pjhn-5bdk
34
vulnerability VCID-a2bj-bk9e-7fdw
35
vulnerability VCID-a5ey-dfsw-vfaz
36
vulnerability VCID-ac5u-fzwq-k3bk
37
vulnerability VCID-adbe-gm2b-g7h4
38
vulnerability VCID-an2q-1spn-gfgz
39
vulnerability VCID-b31k-j7yk-muhz
40
vulnerability VCID-b51p-mfd9-fqge
41
vulnerability VCID-b6g8-7vy6-gqh7
42
vulnerability VCID-bckg-ymqp-eyg6
43
vulnerability VCID-bhtq-drn4-pqfw
44
vulnerability VCID-bjcs-f4yp-skc3
45
vulnerability VCID-bmq7-ywhj-w3ap
46
vulnerability VCID-budt-6suv-87fk
47
vulnerability VCID-c1qd-61t7-2fe3
48
vulnerability VCID-c7xx-8n31-dkd8
49
vulnerability VCID-cnnv-k1mq-bycd
50
vulnerability VCID-cvdm-ubbq-63ew
51
vulnerability VCID-d1xg-zvu2-pfcf
52
vulnerability VCID-dftm-vs4w-kfag
53
vulnerability VCID-dvpe-15m7-puh4
54
vulnerability VCID-e8a2-ny5z-73au
55
vulnerability VCID-efrr-vytn-nbfk
56
vulnerability VCID-ekmw-8ekq-1bfq
57
vulnerability VCID-eqjg-vnm4-pbgx
58
vulnerability VCID-eqp9-vbjw-uye1
59
vulnerability VCID-eseh-ekjx-yffk
60
vulnerability VCID-ev9c-cxzc-p7hb
61
vulnerability VCID-f85h-49x9-7qdw
62
vulnerability VCID-g5du-95mm-uqdv
63
vulnerability VCID-ghqz-dfeq-rygz
64
vulnerability VCID-gt24-f126-akej
65
vulnerability VCID-gv1k-p9qb-qug3
66
vulnerability VCID-h18h-987d-q7he
67
vulnerability VCID-h9va-2q1u-nfeq
68
vulnerability VCID-hk5u-5r79-67ee
69
vulnerability VCID-hm4p-s6xd-8uf5
70
vulnerability VCID-j7jy-3r33-x7fy
71
vulnerability VCID-juat-vtcr-xbg3
72
vulnerability VCID-k2ms-13kz-4bgg
73
vulnerability VCID-k3am-7v2s-xqb9
74
vulnerability VCID-kafn-vb69-tub3
75
vulnerability VCID-kb5d-pyxb-4fe9
76
vulnerability VCID-kkbz-sb6d-nkb9
77
vulnerability VCID-kzhb-zzzm-ebe1
78
vulnerability VCID-mj52-z2qy-4bd8
79
vulnerability VCID-mpr8-1wz2-kfgv
80
vulnerability VCID-mtkv-vxpu-m3fu
81
vulnerability VCID-njmm-n794-tqcr
82
vulnerability VCID-nkyd-wte8-zbc8
83
vulnerability VCID-nn1z-3z62-5fby
84
vulnerability VCID-nttr-e3uq-tbew
85
vulnerability VCID-ppev-q19c-jfcd
86
vulnerability VCID-pw2j-ex1f-wkgd
87
vulnerability VCID-q2hk-yjnj-jbfb
88
vulnerability VCID-q8m1-bjce-67bd
89
vulnerability VCID-qh3y-aeak-u3hg
90
vulnerability VCID-qhtm-u49u-zyeg
91
vulnerability VCID-qp8b-wyj4-h7e4
92
vulnerability VCID-r11x-hcqs-cfgb
93
vulnerability VCID-r14r-z3cv-1qa6
94
vulnerability VCID-r3y2-x3nx-67ac
95
vulnerability VCID-raep-npkq-b3fx
96
vulnerability VCID-rdtn-n88f-pqas
97
vulnerability VCID-rh99-4vre-gfde
98
vulnerability VCID-rth4-8c4m-f3gd
99
vulnerability VCID-scvf-p5ff-c3df
100
vulnerability VCID-sevq-49gc-k3eh
101
vulnerability VCID-shq8-1n4y-vkc5
102
vulnerability VCID-t2dj-e6dk-m7f2
103
vulnerability VCID-tuqw-n8ka-jfht
104
vulnerability VCID-udmn-j2p9-xuez
105
vulnerability VCID-uhxa-me3d-sbhj
106
vulnerability VCID-upnq-6wx8-gug8
107
vulnerability VCID-urkj-g83d-xkh8
108
vulnerability VCID-uucj-un2y-h7h8
109
vulnerability VCID-v68f-q5vf-wkf5
110
vulnerability VCID-vpg8-m282-bbfb
111
vulnerability VCID-vtgx-x9t1-eyb1
112
vulnerability VCID-vxm3-72uk-zbb8
113
vulnerability VCID-w316-z2dk-sbdy
114
vulnerability VCID-w5vq-nwu5-pken
115
vulnerability VCID-wdks-wa1n-ckhx
116
vulnerability VCID-wvbd-6s6n-fqdz
117
vulnerability VCID-x2hf-a9qm-t3du
118
vulnerability VCID-x7s3-qyrt-mbat
119
vulnerability VCID-xej2-7wvk-xuec
120
vulnerability VCID-xuzj-9346-tuf3
121
vulnerability VCID-ybth-xfxp-c7fu
122
vulnerability VCID-yrtd-47vc-muff
123
vulnerability VCID-yy9b-ymk2-5kea
124
vulnerability VCID-zc2s-1rty-hyd9
125
vulnerability VCID-zfqe-wftj-nke3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.0
aliases BIT-tensorflow-2022-23593, CVE-2022-23593, GHSA-gwcx-jrx4-92w2, PYSEC-2022-102, PYSEC-2022-157
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hcud-kg7b-zyhx
26
url VCID-hm4p-s6xd-8uf5
vulnerability_id VCID-hm4p-s6xd-8uf5
summary TensorFlow is an open source platform for machine learning. An input `token` that is not a UTF-8 bytestring will trigger a `CHECK` fail in `tf.raw_ops.PyFunc`. We have patched the issue in GitHub commit 9f03a9d3bafe902c1e6beb105b2f24172f238645. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41908
reference_id
reference_type
scores
0
value 0.00255
scoring_system epss
scoring_elements 0.49113
published_at 2026-06-07T12:55:00Z
1
value 0.00255
scoring_system epss
scoring_elements 0.49084
published_at 2026-06-08T12:55:00Z
2
value 0.00313
scoring_system epss
scoring_elements 0.54738
published_at 2026-06-04T12:55:00Z
3
value 0.00313
scoring_system epss
scoring_elements 0.54796
published_at 2026-06-05T12:55:00Z
4
value 0.00313
scoring_system epss
scoring_elements 0.54806
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41908
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/lib/core/py_func.cc
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:38Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/lib/core/py_func.cc
3
reference_url https://github.com/tensorflow/tensorflow/commit/9f03a9d3bafe902c1e6beb105b2f24172f238645
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:38Z/
url https://github.com/tensorflow/tensorflow/commit/9f03a9d3bafe902c1e6beb105b2f24172f238645
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv77-9g28-cwg3
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:38Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv77-9g28-cwg3
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41908
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41908
6
reference_url https://github.com/advisories/GHSA-mv77-9g28-cwg3
reference_id GHSA-mv77-9g28-cwg3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mv77-9g28-cwg3
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41908, GHSA-mv77-9g28-cwg3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hm4p-s6xd-8uf5
27
url VCID-j7jy-3r33-x7fy
vulnerability_id VCID-j7jy-3r33-x7fy
summary 
NULL Pointer Dereference
TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25674
reference_id
reference_type
scores
0
value 0.00391
scoring_system epss
scoring_elements 0.60404
published_at 2026-06-04T12:55:00Z
1
value 0.00391
scoring_system epss
scoring_elements 0.60426
published_at 2026-06-08T12:55:00Z
2
value 0.00391
scoring_system epss
scoring_elements 0.60443
published_at 2026-06-07T12:55:00Z
3
value 0.00391
scoring_system epss
scoring_elements 0.60454
published_at 2026-06-06T12:55:00Z
4
value 0.00391
scoring_system epss
scoring_elements 0.60451
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25674
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/728113a3be690facad6ce436660a0bc1858017fa
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:16:05Z/
url https://github.com/tensorflow/tensorflow/commit/728113a3be690facad6ce436660a0bc1858017fa
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25674
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25674
5
reference_url https://github.com/advisories/GHSA-gf97-q72m-7579
reference_id GHSA-gf97-q72m-7579
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gf97-q72m-7579
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf97-q72m-7579
reference_id GHSA-gf97-q72m-7579
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:16:05Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf97-q72m-7579
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25674, GHSA-gf97-q72m-7579
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j7jy-3r33-x7fy
28
url VCID-kzhb-zzzm-ebe1
vulnerability_id VCID-kzhb-zzzm-ebe1
summary 
`CHECK` fail in `TensorListScatter` and `TensorListScatterV2` in eager mode
### Impact
Another instance of CVE-2022-35991, where `TensorListScatter` and `TensorListScatterV2` crash via non scalar inputs in`element_shape`, was found in eager mode and fixed.
```python
import tensorflow as tf
arg_0=tf.random.uniform(shape=(2, 2, 2), dtype=tf.float16, maxval=None)
arg_1=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536)
arg_2=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536)
arg_3=''
tf.raw_ops.TensorListScatter(tensor=arg_0, indices=arg_1, 
element_shape=arg_2, name=arg_3)
```

### Patches
We have patched the issue in GitHub commit [bf9932fc907aff0e9e8cccf769e8b00d30fd81a1](https://github.com/tensorflow/tensorflow/commit/bf9932fc907aff0e9e8cccf769e8b00d30fd81a1).

The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.


### For more information
Please consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.


### Attribution
This vulnerability has been reported by Pattarakrit Rattankul
references
0
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
1
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xf83-q765-xm6m
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xf83-q765-xm6m
2
reference_url https://github.com/advisories/GHSA-xf83-q765-xm6m
reference_id GHSA-xf83-q765-xm6m
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xf83-q765-xm6m
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases GHSA-xf83-q765-xm6m, GMS-2022-7001, GMS-2022-7009, GMS-2022-7017
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kzhb-zzzm-ebe1
29
url VCID-mj52-z2qy-4bd8
vulnerability_id VCID-mj52-z2qy-4bd8
summary 
NULL Pointer Dereference
TensorFlow is an open source platform for machine learning. The function `tf.raw_ops.LookupTableImportV2` cannot handle scalars in the `values` parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25672
reference_id
reference_type
scores
0
value 0.00105
scoring_system epss
scoring_elements 0.28126
published_at 2026-06-04T12:55:00Z
1
value 0.00105
scoring_system epss
scoring_elements 0.28063
published_at 2026-06-08T12:55:00Z
2
value 0.00105
scoring_system epss
scoring_elements 0.28107
published_at 2026-06-07T12:55:00Z
3
value 0.00105
scoring_system epss
scoring_elements 0.28147
published_at 2026-06-06T12:55:00Z
4
value 0.00105
scoring_system epss
scoring_elements 0.28197
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25672
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/980b22536abcbbe1b4a5642fc940af33d8c19b69
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:14:12Z/
url https://github.com/tensorflow/tensorflow/commit/980b22536abcbbe1b4a5642fc940af33d8c19b69
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25672
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25672
5
reference_url https://github.com/advisories/GHSA-94mm-g2mv-8p7r
reference_id GHSA-94mm-g2mv-8p7r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-94mm-g2mv-8p7r
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-94mm-g2mv-8p7r
reference_id GHSA-94mm-g2mv-8p7r
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:14:12Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-94mm-g2mv-8p7r
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25672, GHSA-94mm-g2mv-8p7r
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mj52-z2qy-4bd8
30
url VCID-nn1z-3z62-5fby
vulnerability_id VCID-nn1z-3z62-5fby
summary TensorFlow is an open source platform for machine learning. An input `encoded` that is not a valid `CompositeTensorVariant` tensor will trigger a segfault in `tf.raw_ops.CompositeTensorVariantToComponents`. We have patched the issue in GitHub commits bf594d08d377dc6a3354d9fdb494b32d45f91971 and 660ce5a89eb6766834bdc303d2ab3902aef99d3d. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41909
reference_id
reference_type
scores
0
value 0.00395
scoring_system epss
scoring_elements 0.60705
published_at 2026-06-07T12:55:00Z
1
value 0.00395
scoring_system epss
scoring_elements 0.60688
published_at 2026-06-08T12:55:00Z
2
value 0.00484
scoring_system epss
scoring_elements 0.65613
published_at 2026-06-04T12:55:00Z
3
value 0.00484
scoring_system epss
scoring_elements 0.65677
published_at 2026-06-06T12:55:00Z
4
value 0.00484
scoring_system epss
scoring_elements 0.65666
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41909
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/lib/core/py_func.cc
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:35Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/lib/core/py_func.cc
3
reference_url https://github.com/tensorflow/tensorflow/commit/660ce5a89eb6766834bdc303d2ab3902aef99d3d
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:35Z/
url https://github.com/tensorflow/tensorflow/commit/660ce5a89eb6766834bdc303d2ab3902aef99d3d
4
reference_url https://github.com/tensorflow/tensorflow/commit/bf594d08d377dc6a3354d9fdb494b32d45f91971
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:35Z/
url https://github.com/tensorflow/tensorflow/commit/bf594d08d377dc6a3354d9fdb494b32d45f91971
5
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjx6-v474-2ch9
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:35Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjx6-v474-2ch9
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41909
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41909
7
reference_url https://github.com/advisories/GHSA-rjx6-v474-2ch9
reference_id GHSA-rjx6-v474-2ch9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rjx6-v474-2ch9
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41909, GHSA-rjx6-v474-2ch9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nn1z-3z62-5fby
31
url VCID-q2hk-yjnj-jbfb
vulnerability_id VCID-q2hk-yjnj-jbfb
summary 
NULL Pointer Dereference
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.ParallelConcat` segfaults with a nullptr dereference when given a parameter `shape` with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25676
reference_id
reference_type
scores
0
value 0.0024
scoring_system epss
scoring_elements 0.47226
published_at 2026-06-04T12:55:00Z
1
value 0.0024
scoring_system epss
scoring_elements 0.47245
published_at 2026-06-08T12:55:00Z
2
value 0.0024
scoring_system epss
scoring_elements 0.47275
published_at 2026-06-07T12:55:00Z
3
value 0.0024
scoring_system epss
scoring_elements 0.47293
published_at 2026-06-06T12:55:00Z
4
value 0.0024
scoring_system epss
scoring_elements 0.47291
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25676
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/da66bc6d5ff466aee084f9e7397980a24890cd15
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:43:05Z/
url https://github.com/tensorflow/tensorflow/commit/da66bc6d5ff466aee084f9e7397980a24890cd15
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25676
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25676
5
reference_url https://github.com/advisories/GHSA-6wfh-89q8-44jq
reference_id GHSA-6wfh-89q8-44jq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6wfh-89q8-44jq
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6wfh-89q8-44jq
reference_id GHSA-6wfh-89q8-44jq
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:43:05Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6wfh-89q8-44jq
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25676, GHSA-6wfh-89q8-44jq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q2hk-yjnj-jbfb
32
url VCID-qh3y-aeak-u3hg
vulnerability_id VCID-qh3y-aeak-u3hg
summary 
Out-of-bounds Read
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter `indices` for `DynamicStitch` does not match the shape of the parameter `data`, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25659
reference_id
reference_type
scores
0
value 0.00204
scoring_system epss
scoring_elements 0.4248
published_at 2026-06-04T12:55:00Z
1
value 0.00204
scoring_system epss
scoring_elements 0.42502
published_at 2026-06-08T12:55:00Z
2
value 0.00204
scoring_system epss
scoring_elements 0.42537
published_at 2026-06-07T12:55:00Z
3
value 0.00204
scoring_system epss
scoring_elements 0.42564
published_at 2026-06-06T12:55:00Z
4
value 0.00204
scoring_system epss
scoring_elements 0.42554
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25659
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/ee004b18b976eeb5a758020af8880236cd707d05
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:34:25Z/
url https://github.com/tensorflow/tensorflow/commit/ee004b18b976eeb5a758020af8880236cd707d05
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25659
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25659
5
reference_url https://github.com/advisories/GHSA-93vr-9q9m-pj8p
reference_id GHSA-93vr-9q9m-pj8p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-93vr-9q9m-pj8p
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p
reference_id GHSA-93vr-9q9m-pj8p
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:34:25Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25659, GHSA-93vr-9q9m-pj8p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qh3y-aeak-u3hg
33
url VCID-rdtn-n88f-pqas
vulnerability_id VCID-rdtn-n88f-pqas
summary TensorFlow is an open source platform for machine learning. When printing a tensor, we get it's data as a `const char*` array (since that's the underlying storage) and then we typecast it to the element type. However, conversions from `char` to `bool` are undefined if the `char` is not `0` or `1`, so sanitizers/fuzzers will crash. The issue has been patched in GitHub commit `1be74370327`. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41911
reference_id
reference_type
scores
0
value 0.00158
scoring_system epss
scoring_elements 0.36456
published_at 2026-06-08T12:55:00Z
1
value 0.00158
scoring_system epss
scoring_elements 0.36427
published_at 2026-06-04T12:55:00Z
2
value 0.00158
scoring_system epss
scoring_elements 0.36521
published_at 2026-06-05T12:55:00Z
3
value 0.00158
scoring_system epss
scoring_elements 0.36529
published_at 2026-06-06T12:55:00Z
4
value 0.00158
scoring_system epss
scoring_elements 0.36492
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41911
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:15Z/
url https://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227
3
reference_url https://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:15Z/
url https://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:15Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41911
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41911
6
reference_url https://github.com/advisories/GHSA-pf36-r9c6-h97j
reference_id GHSA-pf36-r9c6-h97j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pf36-r9c6-h97j
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41911, GHSA-pf36-r9c6-h97j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rdtn-n88f-pqas
34
url VCID-rh99-4vre-gfde
vulnerability_id VCID-rh99-4vre-gfde
summary TensorFlow is an open source platform for machine learning. When running on GPU, `tf.image.generate_bounding_box_proposals` receives a `scores` input that must be of rank 4 but is not checked. We have patched the issue in GitHub commit cf35502463a88ca7185a99daa7031df60b3c1c98. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41888
reference_id
reference_type
scores
0
value 0.00196
scoring_system epss
scoring_elements 0.41399
published_at 2026-06-07T12:55:00Z
1
value 0.00196
scoring_system epss
scoring_elements 0.41368
published_at 2026-06-08T12:55:00Z
2
value 0.0024
scoring_system epss
scoring_elements 0.47464
published_at 2026-06-04T12:55:00Z
3
value 0.0024
scoring_system epss
scoring_elements 0.47528
published_at 2026-06-05T12:55:00Z
4
value 0.0024
scoring_system epss
scoring_elements 0.47531
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41888
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/generate_box_proposals_op.cu.cc
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:26Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/generate_box_proposals_op.cu.cc
3
reference_url https://github.com/tensorflow/tensorflow/commit/cf35502463a88ca7185a99daa7031df60b3c1c98
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:26Z/
url https://github.com/tensorflow/tensorflow/commit/cf35502463a88ca7185a99daa7031df60b3c1c98
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6x99-gv2v-q76v
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:26Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6x99-gv2v-q76v
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41888
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41888
6
reference_url https://github.com/advisories/GHSA-6x99-gv2v-q76v
reference_id GHSA-6x99-gv2v-q76v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6x99-gv2v-q76v
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41888, GHSA-6x99-gv2v-q76v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rh99-4vre-gfde
35
url VCID-scvf-p5ff-c3df
vulnerability_id VCID-scvf-p5ff-c3df
summary TensorFlow is an open source platform for machine learning. The security vulnerability results in FractionalMax(AVG)Pool with illegal pooling_ratio. Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or remote code execution. We have patched the issue in GitHub commit 216525144ee7c910296f5b05d214ca1327c9ce48. The fix will be included in TensorFlow 2.11.0. We will also cherry pick this commit on TensorFlow 2.10.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41900
reference_id
reference_type
scores
0
value 0.01207
scoring_system epss
scoring_elements 0.79305
published_at 2026-06-08T12:55:00Z
1
value 0.01207
scoring_system epss
scoring_elements 0.79315
published_at 2026-06-07T12:55:00Z
2
value 0.01243
scoring_system epss
scoring_elements 0.79613
published_at 2026-06-04T12:55:00Z
3
value 0.01243
scoring_system epss
scoring_elements 0.79644
published_at 2026-06-06T12:55:00Z
4
value 0.01243
scoring_system epss
scoring_elements 0.79639
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41900
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/commit/216525144ee7c910296f5b05d214ca1327c9ce48
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/commit/216525144ee7c910296f5b05d214ca1327c9ce48
3
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xvwp-h6jv-7472
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xvwp-h6jv-7472
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41900
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41900
5
reference_url https://github.com/advisories/GHSA-xvwp-h6jv-7472
reference_id GHSA-xvwp-h6jv-7472
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xvwp-h6jv-7472
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41900, GHSA-xvwp-h6jv-7472
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-scvf-p5ff-c3df
36
url VCID-tuqw-n8ka-jfht
vulnerability_id VCID-tuqw-n8ka-jfht
summary TensorFlow is an open source platform for machine learning. If `BCast::ToShape` is given input larger than an `int32`, it will crash, despite being supposed to handle up to an `int64`. An example can be seen in `tf.experimental.numpy.outer` by passing in large input to the input `b`. We have patched the issue in GitHub commit 8310bf8dd188ff780e7fc53245058215a05bdbe5. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41890
reference_id
reference_type
scores
0
value 0.00143
scoring_system epss
scoring_elements 0.34342
published_at 2026-06-08T12:55:00Z
1
value 0.00143
scoring_system epss
scoring_elements 0.34307
published_at 2026-06-04T12:55:00Z
2
value 0.00143
scoring_system epss
scoring_elements 0.34404
published_at 2026-06-05T12:55:00Z
3
value 0.00143
scoring_system epss
scoring_elements 0.3442
published_at 2026-06-06T12:55:00Z
4
value 0.00143
scoring_system epss
scoring_elements 0.34384
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41890
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/util/bcast.h
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:20Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/util/bcast.h
3
reference_url https://github.com/tensorflow/tensorflow/commit/8310bf8dd188ff780e7fc53245058215a05bdbe5
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:20Z/
url https://github.com/tensorflow/tensorflow/commit/8310bf8dd188ff780e7fc53245058215a05bdbe5
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h246-cgh4-7475
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:20Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h246-cgh4-7475
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41890
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41890
6
reference_url https://github.com/advisories/GHSA-h246-cgh4-7475
reference_id GHSA-h246-cgh4-7475
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h246-cgh4-7475
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41890, GHSA-h246-cgh4-7475
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tuqw-n8ka-jfht
37
url VCID-upnq-6wx8-gug8
vulnerability_id VCID-upnq-6wx8-gug8
summary 
Incorrect Comparison
TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25673
reference_id
reference_type
scores
0
value 0.0028
scoring_system epss
scoring_elements 0.51571
published_at 2026-06-04T12:55:00Z
1
value 0.0028
scoring_system epss
scoring_elements 0.51583
published_at 2026-06-08T12:55:00Z
2
value 0.0028
scoring_system epss
scoring_elements 0.51616
published_at 2026-06-07T12:55:00Z
3
value 0.0028
scoring_system epss
scoring_elements 0.51637
published_at 2026-06-06T12:55:00Z
4
value 0.0028
scoring_system epss
scoring_elements 0.51631
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25673
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/728113a3be690facad6ce436660a0bc1858017fa
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:15:44Z/
url https://github.com/tensorflow/tensorflow/commit/728113a3be690facad6ce436660a0bc1858017fa
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25673
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25673
5
reference_url https://github.com/advisories/GHSA-647v-r7qq-24fh
reference_id GHSA-647v-r7qq-24fh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-647v-r7qq-24fh
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-647v-r7qq-24fh
reference_id GHSA-647v-r7qq-24fh
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:15:44Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-647v-r7qq-24fh
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25673, GHSA-647v-r7qq-24fh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-upnq-6wx8-gug8
38
url VCID-v68f-q5vf-wkf5
vulnerability_id VCID-v68f-q5vf-wkf5
summary 
Incorrect Comparison
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.Bincount` segfaults when given a parameter `weights` that is neither the same shape as parameter `arr` nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25675
reference_id
reference_type
scores
0
value 0.00206
scoring_system epss
scoring_elements 0.42796
published_at 2026-06-04T12:55:00Z
1
value 0.00206
scoring_system epss
scoring_elements 0.4282
published_at 2026-06-08T12:55:00Z
2
value 0.00206
scoring_system epss
scoring_elements 0.42857
published_at 2026-06-07T12:55:00Z
3
value 0.00206
scoring_system epss
scoring_elements 0.42881
published_at 2026-06-06T12:55:00Z
4
value 0.00206
scoring_system epss
scoring_elements 0.4287
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25675
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/8ae76cf085f4be26295d2ecf2081e759e04b8acf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:23:26Z/
url https://github.com/tensorflow/tensorflow/commit/8ae76cf085f4be26295d2ecf2081e759e04b8acf
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25675
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25675
5
reference_url https://github.com/advisories/GHSA-7x4v-9gxg-9hwj
reference_id GHSA-7x4v-9gxg-9hwj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7x4v-9gxg-9hwj
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7x4v-9gxg-9hwj
reference_id GHSA-7x4v-9gxg-9hwj
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:23:26Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7x4v-9gxg-9hwj
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25675, GHSA-7x4v-9gxg-9hwj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v68f-q5vf-wkf5
39
url VCID-vxm3-72uk-zbb8
vulnerability_id VCID-vxm3-72uk-zbb8
summary TensorFlow is an open source platform for machine learning. If `MirrorPadGrad` is given outsize input `paddings`, TensorFlow will give a heap OOB error. We have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41895
reference_id
reference_type
scores
0
value 0.0015
scoring_system epss
scoring_elements 0.35277
published_at 2026-06-07T12:55:00Z
1
value 0.0015
scoring_system epss
scoring_elements 0.35313
published_at 2026-06-06T12:55:00Z
2
value 0.0015
scoring_system epss
scoring_elements 0.35303
published_at 2026-06-05T12:55:00Z
3
value 0.0015
scoring_system epss
scoring_elements 0.35236
published_at 2026-06-08T12:55:00Z
4
value 0.0015
scoring_system epss
scoring_elements 0.35196
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41895
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/mirror_pad_op.cc
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/mirror_pad_op.cc
3
reference_url https://github.com/tensorflow/tensorflow/commit/717ca98d8c3bba348ff62281fdf38dcb5ea1ec92
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/commit/717ca98d8c3bba348ff62281fdf38dcb5ea1ec92
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gq2j-cr96-gvqx
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gq2j-cr96-gvqx
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41895
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41895
6
reference_url https://github.com/advisories/GHSA-gq2j-cr96-gvqx
reference_id GHSA-gq2j-cr96-gvqx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gq2j-cr96-gvqx
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41895, GHSA-gq2j-cr96-gvqx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vxm3-72uk-zbb8
40
url VCID-w5vq-nwu5-pken
vulnerability_id VCID-w5vq-nwu5-pken
summary 
NULL Pointer Dereference
TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25670
reference_id
reference_type
scores
0
value 0.0024
scoring_system epss
scoring_elements 0.47226
published_at 2026-06-04T12:55:00Z
1
value 0.0024
scoring_system epss
scoring_elements 0.47245
published_at 2026-06-08T12:55:00Z
2
value 0.0024
scoring_system epss
scoring_elements 0.47275
published_at 2026-06-07T12:55:00Z
3
value 0.0024
scoring_system epss
scoring_elements 0.47293
published_at 2026-06-06T12:55:00Z
4
value 0.0024
scoring_system epss
scoring_elements 0.47291
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25670
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/8a47a39d9697969206d23a523c977238717e8727
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:41:15Z/
url https://github.com/tensorflow/tensorflow/commit/8a47a39d9697969206d23a523c977238717e8727
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25670
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25670
5
reference_url https://github.com/advisories/GHSA-49rq-hwc3-x77w
reference_id GHSA-49rq-hwc3-x77w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-49rq-hwc3-x77w
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rq-hwc3-x77w
reference_id GHSA-49rq-hwc3-x77w
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:41:15Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rq-hwc3-x77w
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25670, GHSA-49rq-hwc3-x77w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w5vq-nwu5-pken
41
url VCID-wdks-wa1n-ckhx
vulnerability_id VCID-wdks-wa1n-ckhx
summary TensorFlow is an open source platform for machine learning. When the `BaseCandidateSamplerOp` function receives a value in `true_classes` larger than `range_max`, a heap oob read occurs. We have patched the issue in GitHub commit b389f5c944cadfdfe599b3f1e4026e036f30d2d4. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41880
reference_id
reference_type
scores
0
value 0.0016
scoring_system epss
scoring_elements 0.36583
published_at 2026-06-04T12:55:00Z
1
value 0.0016
scoring_system epss
scoring_elements 0.36685
published_at 2026-06-06T12:55:00Z
2
value 0.0016
scoring_system epss
scoring_elements 0.36677
published_at 2026-06-05T12:55:00Z
3
value 0.00179
scoring_system epss
scoring_elements 0.39249
published_at 2026-06-08T12:55:00Z
4
value 0.00179
scoring_system epss
scoring_elements 0.39276
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41880
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/candidate_sampler_ops.cc
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:45Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/candidate_sampler_ops.cc
3
reference_url https://github.com/tensorflow/tensorflow/commit/b389f5c944cadfdfe599b3f1e4026e036f30d2d4
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:45Z/
url https://github.com/tensorflow/tensorflow/commit/b389f5c944cadfdfe599b3f1e4026e036f30d2d4
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8w5g-3wcv-9g2j
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:45Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8w5g-3wcv-9g2j
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41880
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41880
6
reference_url https://github.com/advisories/GHSA-8w5g-3wcv-9g2j
reference_id GHSA-8w5g-3wcv-9g2j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8w5g-3wcv-9g2j
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41880, GHSA-8w5g-3wcv-9g2j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wdks-wa1n-ckhx
42
url VCID-xej2-7wvk-xuec
vulnerability_id VCID-xej2-7wvk-xuec
summary 
Out-of-bounds Read
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, an out-of-bounds read is in GRUBlockCellGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25658
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.16963
published_at 2026-06-04T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.1692
published_at 2026-06-08T12:55:00Z
2
value 0.00053
scoring_system epss
scoring_elements 0.17002
published_at 2026-06-07T12:55:00Z
3
value 0.00053
scoring_system epss
scoring_elements 0.17037
published_at 2026-06-06T12:55:00Z
4
value 0.00053
scoring_system epss
scoring_elements 0.17042
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25658
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
3
reference_url https://github.com/tensorflow/tensorflow/commit/ff459137c2716a2a60f7d441b855fcb466d778cb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:13:25Z/
url https://github.com/tensorflow/tensorflow/commit/ff459137c2716a2a60f7d441b855fcb466d778cb
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25658
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25658
5
reference_url https://github.com/advisories/GHSA-68v3-g9cm-rmm6
reference_id GHSA-68v3-g9cm-rmm6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-68v3-g9cm-rmm6
6
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-68v3-g9cm-rmm6
reference_id GHSA-68v3-g9cm-rmm6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-19T20:13:25Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-68v3-g9cm-rmm6
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.11.1
purl pkg:pypi/tensorflow-gpu@2.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.11.1
1
url pkg:pypi/tensorflow-gpu@2.12.0
purl pkg:pypi/tensorflow-gpu@2.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37j3-cnw5-4fch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.12.0
aliases CVE-2023-25658, GHSA-68v3-g9cm-rmm6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xej2-7wvk-xuec
43
url VCID-yrtd-47vc-muff
vulnerability_id VCID-yrtd-47vc-muff
summary TensorFlow is an open source platform for machine learning. `tf.keras.losses.poisson` receives a `y_pred` and `y_true` that are passed through `functor::mul` in `BinaryOp`. If the resulting dimensions overflow an `int32`, TensorFlow will crash due to a size mismatch during broadcast assignment. We have patched the issue in GitHub commit c5b30379ba87cbe774b08ac50c1f6d36df4ebb7c. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1 and 2.9.3, as these are also affected and still in supported range. However, we will not cherrypick this commit into TensorFlow 2.8.x, as it depends on Eigen behavior that changed between 2.8 and 2.9.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41887
reference_id
reference_type
scores
0
value 0.00142
scoring_system epss
scoring_elements 0.3399
published_at 2026-06-04T12:55:00Z
1
value 0.00142
scoring_system epss
scoring_elements 0.34107
published_at 2026-06-06T12:55:00Z
2
value 0.00142
scoring_system epss
scoring_elements 0.34091
published_at 2026-06-05T12:55:00Z
3
value 0.00159
scoring_system epss
scoring_elements 0.36511
published_at 2026-06-07T12:55:00Z
4
value 0.00159
scoring_system epss
scoring_elements 0.36474
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41887
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/cwise_ops_common.h
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:29Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/cwise_ops_common.h
3
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/keras/losses.py
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:29Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/keras/losses.py
4
reference_url https://github.com/tensorflow/tensorflow/commit/c5b30379ba87cbe774b08ac50c1f6d36df4ebb7c
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:29Z/
url https://github.com/tensorflow/tensorflow/commit/c5b30379ba87cbe774b08ac50c1f6d36df4ebb7c
5
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fvv-46hw-vpg3
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:29Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fvv-46hw-vpg3
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41887
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41887
7
reference_url https://github.com/advisories/GHSA-8fvv-46hw-vpg3
reference_id GHSA-8fvv-46hw-vpg3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8fvv-46hw-vpg3
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
1
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41887, GHSA-8fvv-46hw-vpg3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yrtd-47vc-muff
44
url VCID-yy9b-ymk2-5kea
vulnerability_id VCID-yy9b-ymk2-5kea
summary TensorFlow is an open source platform for machine learning. If `SparseFillEmptyRowsGrad` is given empty inputs, TensorFlow will crash. We have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41898
reference_id
reference_type
scores
0
value 0.00152
scoring_system epss
scoring_elements 0.35627
published_at 2026-06-07T12:55:00Z
1
value 0.00152
scoring_system epss
scoring_elements 0.35588
published_at 2026-06-08T12:55:00Z
2
value 0.00187
scoring_system epss
scoring_elements 0.40253
published_at 2026-06-04T12:55:00Z
3
value 0.00187
scoring_system epss
scoring_elements 0.40334
published_at 2026-06-05T12:55:00Z
4
value 0.00187
scoring_system epss
scoring_elements 0.40337
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41898
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sparse_fill_empty_rows_op_gpu.cu.cc
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:56Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sparse_fill_empty_rows_op_gpu.cu.cc
3
reference_url https://github.com/tensorflow/tensorflow/commit/af4a6a3c8b95022c351edae94560acc61253a1b8
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:56Z/
url https://github.com/tensorflow/tensorflow/commit/af4a6a3c8b95022c351edae94560acc61253a1b8
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hq7g-wwwp-q46h
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:56Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hq7g-wwwp-q46h
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41898
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41898
6
reference_url https://github.com/advisories/GHSA-hq7g-wwwp-q46h
reference_id GHSA-hq7g-wwwp-q46h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hq7g-wwwp-q46h
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41898, GHSA-hq7g-wwwp-q46h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yy9b-ymk2-5kea
45
url VCID-zc2s-1rty-hyd9
vulnerability_id VCID-zc2s-1rty-hyd9
summary TensorFlow is an open source platform for machine learning. If `ThreadUnsafeUnigramCandidateSampler` is given input `filterbank_channel_count` greater than the allowed max size, TensorFlow will crash. We have patched the issue in GitHub commit 39ec7eaf1428e90c37787e5b3fbd68ebd3c48860. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41896
reference_id
reference_type
scores
0
value 0.00152
scoring_system epss
scoring_elements 0.35627
published_at 2026-06-07T12:55:00Z
1
value 0.00152
scoring_system epss
scoring_elements 0.35588
published_at 2026-06-08T12:55:00Z
2
value 0.00187
scoring_system epss
scoring_elements 0.40253
published_at 2026-06-04T12:55:00Z
3
value 0.00187
scoring_system epss
scoring_elements 0.40334
published_at 2026-06-05T12:55:00Z
4
value 0.00187
scoring_system epss
scoring_elements 0.40337
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41896
1
reference_url https://github.com/tensorflow/tensorflow
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tensorflow/tensorflow
2
reference_url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/mirror_pad_op.cc
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:05Z/
url https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/mirror_pad_op.cc
3
reference_url https://github.com/tensorflow/tensorflow/commit/39ec7eaf1428e90c37787e5b3fbd68ebd3c48860
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:05Z/
url https://github.com/tensorflow/tensorflow/commit/39ec7eaf1428e90c37787e5b3fbd68ebd3c48860
4
reference_url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rmg2-f698-wq35
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:42:05Z/
url https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rmg2-f698-wq35
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41896
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41896
6
reference_url https://github.com/advisories/GHSA-rmg2-f698-wq35
reference_id GHSA-rmg2-f698-wq35
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rmg2-f698-wq35
fixed_packages
0
url pkg:pypi/tensorflow-gpu@2.8.4
purl pkg:pypi/tensorflow-gpu@2.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
20
vulnerability VCID-yrtd-47vc-muff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.4
1
url pkg:pypi/tensorflow-gpu@2.9.3
purl pkg:pypi/tensorflow-gpu@2.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.9.3
2
url pkg:pypi/tensorflow-gpu@2.10.1
purl pkg:pypi/tensorflow-gpu@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jte-hpg7-gydx
1
vulnerability VCID-36ey-jnev-qqf8
2
vulnerability VCID-37j3-cnw5-4fch
3
vulnerability VCID-6f4y-m6ca-nyf6
4
vulnerability VCID-6yy3-r6mh-j3e8
5
vulnerability VCID-8nt4-mp8z-b3et
6
vulnerability VCID-b31k-j7yk-muhz
7
vulnerability VCID-c1qd-61t7-2fe3
8
vulnerability VCID-cvdm-ubbq-63ew
9
vulnerability VCID-dftm-vs4w-kfag
10
vulnerability VCID-ev9c-cxzc-p7hb
11
vulnerability VCID-h18h-987d-q7he
12
vulnerability VCID-j7jy-3r33-x7fy
13
vulnerability VCID-mj52-z2qy-4bd8
14
vulnerability VCID-q2hk-yjnj-jbfb
15
vulnerability VCID-qh3y-aeak-u3hg
16
vulnerability VCID-upnq-6wx8-gug8
17
vulnerability VCID-v68f-q5vf-wkf5
18
vulnerability VCID-w5vq-nwu5-pken
19
vulnerability VCID-xej2-7wvk-xuec
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.10.1
aliases CVE-2022-41896, GHSA-rmg2-f698-wq35
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zc2s-1rty-hyd9
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/tensorflow-gpu@2.8.0rc0