{"url":"http://public2.vulnerablecode.io/api/packages/57891?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.7.0","type":"maven","namespace":"org.tensorflow","name":"parentpom","version":"1.7.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.7.1","latest_non_vulnerable_version":"1.7.1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3910?format=json","vulnerability_id":"VCID-bpf4-92yf-mbc3","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26266","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16351","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26266"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-297.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-297.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-332.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-332.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-254.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-254.yaml"},{"reference_url":"https://github.com/tensorflow/tensorflow","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow"},{"reference_url":"https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2"},{"reference_url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2"},{"reference_url":"https://security.archlinux.org/ASA-202012-22","reference_id":"ASA-202012-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-22"},{"reference_url":"https://security.archlinux.org/AVG-1348","reference_id":"AVG-1348","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1348"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26266","reference_id":"CVE-2020-26266","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26266"},{"reference_url":"https://github.com/advisories/GHSA-qhxx-j73r-qpm2","reference_id":"GHSA-qhxx-j73r-qpm2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qhxx-j73r-qpm2"}],"fixed_packages":[],"aliases":["CVE-2020-26266","GHSA-qhxx-j73r-qpm2","PYSEC-2020-254","PYSEC-2020-297","PYSEC-2020-332"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bpf4-92yf-mbc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3905?format=json","vulnerability_id":"VCID-ddza-zrpb-s7bp","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26271","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04394","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26271"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-302.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-302.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-337.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-337.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-257.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-257.yaml"},{"reference_url":"https://github.com/tensorflow/tensorflow/commit/0cc38aaa4064fd9e79101994ce9872c6d91f816b","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/commit/0cc38aaa4064fd9e79101994ce9872c6d91f816b"},{"reference_url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q263-fvxm-m5mw","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q263-fvxm-m5mw"},{"reference_url":"https://security.archlinux.org/ASA-202012-22","reference_id":"ASA-202012-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-22"},{"reference_url":"https://security.archlinux.org/AVG-1348","reference_id":"AVG-1348","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1348"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26271","reference_id":"CVE-2020-26271","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26271"},{"reference_url":"https://github.com/advisories/GHSA-q263-fvxm-m5mw","reference_id":"GHSA-q263-fvxm-m5mw","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-q263-fvxm-m5mw"}],"fixed_packages":[],"aliases":["CVE-2020-26271","GHSA-q263-fvxm-m5mw","PYSEC-2020-257","PYSEC-2020-302","PYSEC-2020-337"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ddza-zrpb-s7bp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35355?format=json","vulnerability_id":"VCID-fjh5-fxj2-e3ap","summary":"Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code (local).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8825","reference_id":"","reference_type":"","scores":[{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47952","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8825"},{"reference_url":"https://github.com/advisories/GHSA-frxx-2m33-6wcr","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-frxx-2m33-6wcr"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2019-226.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2019-226.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2019-233.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2019-233.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2019-208.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2019-208.yaml"},{"reference_url":"https://github.com/tensorflow/tensorflow","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow"},{"reference_url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-003.md","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-003.md"},{"reference_url":"https://github.com/tensorflow/tensorflow/commit/41335abb46f80ca644b5738550daef6136ba5476","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/commit/41335abb46f80ca644b5738550daef6136ba5476"},{"reference_url":"https://github.com/tensorflow/tensorflow/commit/8badd11d875a826bd318ed439909d5c47a7fb811","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/commit/8badd11d875a826bd318ed439909d5c47a7fb811"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-8825","reference_id":"CVE-2018-8825","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-8825"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/233352?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.8.0-rc0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpf4-92yf-mbc3"},{"vulnerability":"VCID-ddza-zrpb-s7bp"},{"vulnerability":"VCID-tu1g-gp43-yyar"},{"vulnerability":"VCID-v4z1-cx3v-jffz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.8.0-rc0"},{"url":"http://public2.vulnerablecode.io/api/packages/57892?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpf4-92yf-mbc3"},{"vulnerability":"VCID-ddza-zrpb-s7bp"},{"vulnerability":"VCID-tu1g-gp43-yyar"},{"vulnerability":"VCID-v4z1-cx3v-jffz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.8.0"}],"aliases":["CVE-2018-8825","GHSA-frxx-2m33-6wcr","PYSEC-2019-208","PYSEC-2019-226","PYSEC-2019-233"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fjh5-fxj2-e3ap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35358?format=json","vulnerability_id":"VCID-q81h-cm4m-93c9","summary":"Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7577","reference_id":"","reference_type":"","scores":[{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.3733","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7577"},{"reference_url":"https://github.com/advisories/GHSA-qx2v-j445-g354","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qx2v-j445-g354"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2019-225.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2019-225.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2019-232.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2019-232.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2019-207.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2019-207.yaml"},{"reference_url":"https://github.com/tensorflow/tensorflow","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow"},{"reference_url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-005.md","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-005.md"},{"reference_url":"https://github.com/tensorflow/tensorflow/commit/dfa9921e6343727b05f42f8d4a918b19528ff994","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/commit/dfa9921e6343727b05f42f8d4a918b19528ff994"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7577","reference_id":"CVE-2018-7577","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/233352?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.8.0-rc0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpf4-92yf-mbc3"},{"vulnerability":"VCID-ddza-zrpb-s7bp"},{"vulnerability":"VCID-tu1g-gp43-yyar"},{"vulnerability":"VCID-v4z1-cx3v-jffz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.8.0-rc0"},{"url":"http://public2.vulnerablecode.io/api/packages/57892?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpf4-92yf-mbc3"},{"vulnerability":"VCID-ddza-zrpb-s7bp"},{"vulnerability":"VCID-tu1g-gp43-yyar"},{"vulnerability":"VCID-v4z1-cx3v-jffz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.8.0"}],"aliases":["CVE-2018-7577","GHSA-qx2v-j445-g354","PYSEC-2019-207","PYSEC-2019-225","PYSEC-2019-232"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q81h-cm4m-93c9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35359?format=json","vulnerability_id":"VCID-qcq3-q226-u7gn","summary":"Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7575","reference_id":"","reference_type":"","scores":[{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38762","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7575"},{"reference_url":"https://github.com/advisories/GHSA-mw6v-crh8-8533","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mw6v-crh8-8533"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2019-223.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2019-223.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2019-230.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2019-230.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2019-205.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2019-205.yaml"},{"reference_url":"https://github.com/tensorflow/tensorflow","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow"},{"reference_url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-004.md","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-004.md"},{"reference_url":"https://github.com/tensorflow/tensorflow/commit/d107fee1e4a9a4462f01564798d345802acc2aef","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/commit/d107fee1e4a9a4462f01564798d345802acc2aef"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7575","reference_id":"CVE-2018-7575","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7575"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/233352?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.8.0-rc0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpf4-92yf-mbc3"},{"vulnerability":"VCID-ddza-zrpb-s7bp"},{"vulnerability":"VCID-tu1g-gp43-yyar"},{"vulnerability":"VCID-v4z1-cx3v-jffz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.8.0-rc0"},{"url":"http://public2.vulnerablecode.io/api/packages/57892?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpf4-92yf-mbc3"},{"vulnerability":"VCID-ddza-zrpb-s7bp"},{"vulnerability":"VCID-tu1g-gp43-yyar"},{"vulnerability":"VCID-v4z1-cx3v-jffz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.8.0"}],"aliases":["CVE-2018-7575","GHSA-mw6v-crh8-8533","PYSEC-2019-205","PYSEC-2019-223","PYSEC-2019-230"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qcq3-q226-u7gn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3908?format=json","vulnerability_id":"VCID-tu1g-gp43-yyar","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26268","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05045","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26268"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-299.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-299.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-334.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-334.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-255.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-255.yaml"},{"reference_url":"https://github.com/tensorflow/tensorflow","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow"},{"reference_url":"https://github.com/tensorflow/tensorflow/commit/c1e1fc899ad5f8c725dcbb6470069890b5060bc7","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/commit/c1e1fc899ad5f8c725dcbb6470069890b5060bc7"},{"reference_url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hhvc-g5hv-48c6","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hhvc-g5hv-48c6"},{"reference_url":"https://security.archlinux.org/ASA-202012-22","reference_id":"ASA-202012-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-22"},{"reference_url":"https://security.archlinux.org/AVG-1348","reference_id":"AVG-1348","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1348"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26268","reference_id":"CVE-2020-26268","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26268"},{"reference_url":"https://github.com/advisories/GHSA-hhvc-g5hv-48c6","reference_id":"GHSA-hhvc-g5hv-48c6","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-hhvc-g5hv-48c6"}],"fixed_packages":[],"aliases":["CVE-2020-26268","GHSA-hhvc-g5hv-48c6","PYSEC-2020-255","PYSEC-2020-299","PYSEC-2020-334"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tu1g-gp43-yyar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3906?format=json","vulnerability_id":"VCID-v4z1-cx3v-jffz","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26270","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05282","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26270"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-301.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-301.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-336.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-336.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-256.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-256.yaml"},{"reference_url":"https://github.com/tensorflow/tensorflow","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow"},{"reference_url":"https://github.com/tensorflow/tensorflow/commit/14755416e364f17fb1870882fa778c7fec7f16e3","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/commit/14755416e364f17fb1870882fa778c7fec7f16e3"},{"reference_url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m648-33qf-v3gp","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m648-33qf-v3gp"},{"reference_url":"https://security.archlinux.org/ASA-202012-22","reference_id":"ASA-202012-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-22"},{"reference_url":"https://security.archlinux.org/AVG-1348","reference_id":"AVG-1348","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1348"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26270","reference_id":"CVE-2020-26270","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26270"},{"reference_url":"https://github.com/advisories/GHSA-m648-33qf-v3gp","reference_id":"GHSA-m648-33qf-v3gp","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m648-33qf-v3gp"}],"fixed_packages":[],"aliases":["CVE-2020-26270","GHSA-m648-33qf-v3gp","PYSEC-2020-256","PYSEC-2020-301","PYSEC-2020-336"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v4z1-cx3v-jffz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35356?format=json","vulnerability_id":"VCID-vwuk-11fn-ake8","summary":"Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10055","reference_id":"","reference_type":"","scores":[{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38503","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10055"},{"reference_url":"https://github.com/advisories/GHSA-q492-f7gr-27rp","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q492-f7gr-27rp"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2019-222.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2019-222.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2019-229.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2019-229.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2019-204.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2019-204.yaml"},{"reference_url":"https://github.com/tensorflow/tensorflow","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow"},{"reference_url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-006.md","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-006.md"},{"reference_url":"https://github.com/tensorflow/tensorflow/commit/c89ab82a82585cdaa90bf4911980e9e845909e78","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/commit/c89ab82a82585cdaa90bf4911980e9e845909e78"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10055","reference_id":"CVE-2018-10055","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10055"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57901?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.7.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.7.1"},{"url":"http://public2.vulnerablecode.io/api/packages/233352?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.8.0-rc0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpf4-92yf-mbc3"},{"vulnerability":"VCID-ddza-zrpb-s7bp"},{"vulnerability":"VCID-tu1g-gp43-yyar"},{"vulnerability":"VCID-v4z1-cx3v-jffz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.8.0-rc0"}],"aliases":["CVE-2018-10055","GHSA-q492-f7gr-27rp","PYSEC-2019-204","PYSEC-2019-222","PYSEC-2019-229"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vwuk-11fn-ake8"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35551?format=json","vulnerability_id":"VCID-rbuk-192h-vyaj","summary":"TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decode_bmp_op.cc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-21233","reference_id":"","reference_type":"","scores":[{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31653","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-21233"},{"reference_url":"https://github.com/advisories/GHSA-h98h-8mxr-m8gx","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h98h-8mxr-m8gx"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-269.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-269.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-304.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-304.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-253.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-253.yaml"},{"reference_url":"https://github.com/tensorflow/tensorflow","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow"},{"reference_url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-001.md","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-001.md"},{"reference_url":"https://github.com/tensorflow/tensorflow/commit/49f73c55d56edffebde4bca4a407ad69c1cae433","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/commit/49f73c55d56edffebde4bca4a407ad69c1cae433"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-21233","reference_id":"CVE-2018-21233","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-21233"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57891?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpf4-92yf-mbc3"},{"vulnerability":"VCID-ddza-zrpb-s7bp"},{"vulnerability":"VCID-fjh5-fxj2-e3ap"},{"vulnerability":"VCID-q81h-cm4m-93c9"},{"vulnerability":"VCID-qcq3-q226-u7gn"},{"vulnerability":"VCID-tu1g-gp43-yyar"},{"vulnerability":"VCID-v4z1-cx3v-jffz"},{"vulnerability":"VCID-vwuk-11fn-ake8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.7.0"}],"aliases":["CVE-2018-21233","GHSA-h98h-8mxr-m8gx","PYSEC-2020-253","PYSEC-2020-269","PYSEC-2020-304"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rbuk-192h-vyaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40933?format=json","vulnerability_id":"VCID-u9fu-9zvx-rfhj","summary":"Out-of-bounds Read\nGoogle TensorFlow is affected by a Null Pointer Dereference vulnerability.","references":[{"reference_url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-001.md","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-001.md"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7574","reference_id":"CVE-2018-7574","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7574"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/233350?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.7.0-rc0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpf4-92yf-mbc3"},{"vulnerability":"VCID-ddza-zrpb-s7bp"},{"vulnerability":"VCID-fjh5-fxj2-e3ap"},{"vulnerability":"VCID-q81h-cm4m-93c9"},{"vulnerability":"VCID-qcq3-q226-u7gn"},{"vulnerability":"VCID-rbuk-192h-vyaj"},{"vulnerability":"VCID-tu1g-gp43-yyar"},{"vulnerability":"VCID-v4z1-cx3v-jffz"},{"vulnerability":"VCID-vwuk-11fn-ake8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.7.0-rc0"},{"url":"http://public2.vulnerablecode.io/api/packages/57891?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpf4-92yf-mbc3"},{"vulnerability":"VCID-ddza-zrpb-s7bp"},{"vulnerability":"VCID-fjh5-fxj2-e3ap"},{"vulnerability":"VCID-q81h-cm4m-93c9"},{"vulnerability":"VCID-qcq3-q226-u7gn"},{"vulnerability":"VCID-tu1g-gp43-yyar"},{"vulnerability":"VCID-v4z1-cx3v-jffz"},{"vulnerability":"VCID-vwuk-11fn-ake8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.7.0"}],"aliases":["CVE-2018-7574","GHSA-943p-xc6m-c6gr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u9fu-9zvx-rfhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35354?format=json","vulnerability_id":"VCID-y7rd-3fhm-2qd5","summary":"Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference. The type of exploitation is: context-dependent.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7576","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28772","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7576"},{"reference_url":"https://github.com/advisories/GHSA-jfq2-rj7f-9gvf","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jfq2-rj7f-9gvf"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2019-224.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2019-224.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2019-231.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2019-231.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2019-206.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2019-206.yaml"},{"reference_url":"https://github.com/tensorflow/tensorflow","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow"},{"reference_url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-002.md","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-002.md"},{"reference_url":"https://github.com/tensorflow/tensorflow/commit/c48431588e7cf8aff61d4c299231e3e925144df8","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tensorflow/tensorflow/commit/c48431588e7cf8aff61d4c299231e3e925144df8"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7576","reference_id":"CVE-2018-7576","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7576"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/233350?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.7.0-rc0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpf4-92yf-mbc3"},{"vulnerability":"VCID-ddza-zrpb-s7bp"},{"vulnerability":"VCID-fjh5-fxj2-e3ap"},{"vulnerability":"VCID-q81h-cm4m-93c9"},{"vulnerability":"VCID-qcq3-q226-u7gn"},{"vulnerability":"VCID-rbuk-192h-vyaj"},{"vulnerability":"VCID-tu1g-gp43-yyar"},{"vulnerability":"VCID-v4z1-cx3v-jffz"},{"vulnerability":"VCID-vwuk-11fn-ake8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.7.0-rc0"},{"url":"http://public2.vulnerablecode.io/api/packages/57891?format=json","purl":"pkg:maven/org.tensorflow/parentpom@1.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bpf4-92yf-mbc3"},{"vulnerability":"VCID-ddza-zrpb-s7bp"},{"vulnerability":"VCID-fjh5-fxj2-e3ap"},{"vulnerability":"VCID-q81h-cm4m-93c9"},{"vulnerability":"VCID-qcq3-q226-u7gn"},{"vulnerability":"VCID-tu1g-gp43-yyar"},{"vulnerability":"VCID-v4z1-cx3v-jffz"},{"vulnerability":"VCID-vwuk-11fn-ake8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.7.0"}],"aliases":["CVE-2018-7576","GHSA-jfq2-rj7f-9gvf","PYSEC-2019-206","PYSEC-2019-224","PYSEC-2019-231"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y7rd-3fhm-2qd5"}],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.tensorflow/parentpom@1.7.0"}