VulnerableCode Vulnerability Details - VCID-y3ch-ejsn-3fgs

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-y3ch-ejsn-3fgs

Essentials
Severities (3)
References (3)
Severity details (3)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-y3ch-ejsn-3fgs
Aliases	CVE-2018-7574 GHSA-943p-xc6m-c6gr
Summary	Out-of-bounds Read Google TensorFlow is affected by a Null Pointer Dereference vulnerability.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-125	Out-of-bounds Read
CWE-476	NULL Pointer Dereference
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-943p-xc6m-c6gr
generic_textual	HIGH	https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-001.md
generic_textual	HIGH	https://nvd.nist.gov/vuln/detail/CVE-2018-7574

Reference id	Reference type	URL
		https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2018-001.md
CVE-2018-7574		https://nvd.nist.gov/vuln/detail/CVE-2018-7574
GHSA-943p-xc6m-c6gr		https://github.com/advisories/GHSA-943p-xc6m-c6gr

No exploits are available.

No EPSS data available for this vulnerability.

Date	Actor	Action	Source	VulnerableCode Version
2026-05-30T20:55:02.806117+00:00	GitLab Importer	Import	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/tensorflow/CVE-2018-7574.yml	38.6.0