BIT-tensorflow-2022-29213

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/tensorflow/BIT-tensorflow-2022-29213.json
JSON Data
https://api.test.osv.dev/v1/vulns/BIT-tensorflow-2022-29213
Aliases
Published
2024-03-06T11:14:14.012Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the tf.compat.v1.signal.rfft2d and tf.compat.v1.signal.rfft3d lack input validation and under certain condition can result in crashes (due to CHECK-failures). Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

Database specific 
{
    "cpes": [
        "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:google:tensorflow:2.7.0:rc0:*:*:*:*:*:*",
        "cpe:2.3:a:google:tensorflow:2.7.0:rc1:*:*:*:*:*:*",
        "cpe:2.3:a:google:tensorflow:2.8.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:google:tensorflow:2.8.0:rc0:*:*:*:*:*:*",
        "cpe:2.3:a:google:tensorflow:2.8.0:rc1:*:*:*:*:*:*",
        "cpe:2.3:a:google:tensorflow:2.9.0:rc0:*:*:*:*:*:*",
        "cpe:2.3:a:google:tensorflow:2.9.0:rc1:*:*:*:*:*:*"
    ],
    "severity": "Medium"
}
References

Affected packages

Bitnami / tensorflow

Package

Name
tensorflow
Purl
pkg:bitnami/tensorflow

Severity

  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.4
Introduced
2.7.0
Fixed
2.7.2
Type
SEMVER
Events
Introduced
2.7.0-rc0
Last affected
2.7.0-rc0
Introduced
2.7.0-rc1
Last affected
2.7.0-rc1
Introduced
2.8.0
Last affected
2.8.0
Introduced
2.8.0-rc0
Last affected
2.8.0-rc0
Introduced
2.8.0-rc1
Last affected
2.8.0-rc1
Introduced
2.9.0-rc0
Last affected
2.9.0-rc0
Introduced
2.9.0-rc1
Last affected
2.9.0-rc1