Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-7jq4-ayzc-w3eu
Vulnerability ID VCID-7jq4-ayzc-w3eu
Aliases CVE-2020-15210
GHSA-x9j7-x98r-r4w2
PYSEC-2020-133
PYSEC-2020-290
PYSEC-2020-325
Summary In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d58c96946b and will release patch releases for all versions between 1.15 and 2.3. We recommend users to upgrade to TensorFlow 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
There are no known severity scores.
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html
https://github.com/tensorflow/tensorflow/commit/d58c96946b2880991d63d1dacacb32f0a4dfa453
https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x9j7-x98r-r4w2
No exploits are available.
There are no known vectors.

No EPSS data available for this vulnerability.

Date Actor Action Source VulnerableCode Version
2026-06-02T04:07:22.737296+00:00 Pypa Importer Import https://github.com/pypa/advisory-database/blob/main/vulns/tensorflow-cpu/PYSEC-2020-290.yaml 38.6.0