CVE-2023-25662

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-25662

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-25662.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-25662

Aliases

Downstream

AZL-31209

AZL-35307

Published

2023-03-24T23:41:15.425Z

Modified

2026-05-28T03:54:12.326382224Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

TensorFlow vulnerable to integer overflow in EditDistance

Details

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/25xxx/CVE-2023-25662.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-190"
    ]
}

References

Affected packages

Git / github.com/tensorflow/tensorflow

Affected ranges

Type: GIT
Repo: https://github.com/tensorflow/tensorflow
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a3e2c692c18649329c4210cf8df2487d2028e267

Affected versions

0.*

0.5.0

0.6.0

v1.*

v1.1.0-rc1

v1.1.0-rc2

v1.12.1

v1.6.0-rc1

v1.9.0-rc2

v2.*

v2.11.0

v2.11.0-rc0

v2.11.0-rc1

v2.11.0-rc2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-25662.json"