Search for vulnerabilities
| Vulnerability ID | VCID-hcud-kg7b-zyhx |
| Aliases |
CVE-2022-23593
GHSA-gwcx-jrx4-92w2 PYSEC-2022-102 PYSEC-2022-157 |
| Summary | Tensorflow is an Open Source Machine Learning Framework. The `simplifyBroadcast` function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (hence, denial of service), if called with scalar shapes. If all shapes are scalar, then `maxRank` is 0, so we build an empty `SmallVector`. The fix will be included in TensorFlow 2.8.0. This is the only affected version. |
| Status | Published |
| Exploitability | None |
| Weighted Severity | None |
| Risk | None |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| There are no known severity scores. | ||
No EPSS data available for this vulnerability.
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-06-02T04:16:44.079646+00:00 | Pypa Importer | Import | https://github.com/pypa/advisory-database/blob/main/vulns/tensorflow-cpu/PYSEC-2022-102.yaml | 38.6.0 |