CVE-2023-25662

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-25662

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-25662.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-25662

Aliases

Published

2023-03-24T23:41:15.425Z

Modified

2025-11-29T14:04:35.814394Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

TensorFlow vulnerable to integer overflow in EditDistance

Details

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/25xxx/CVE-2023-25662.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-190"
    ]
}

References

Affected packages

Git / github.com/tensorflow/tensorflow

Affected ranges

Type: GIT
Repo: https://github.com/tensorflow/tensorflow
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a3e2c692c18649329c4210cf8df2487d2028e267

Affected versions

0.*

0.12.0-rc0

0.12.0-rc1

0.12.1

0.5.0

0.6.0

v0.*

v0.10.0

v0.10.0rc0

v0.11.0

v0.11.0rc0

v0.11.0rc1

v0.11.0rc2

v0.12.0

v0.7.0

v0.7.1

v0.8.0rc0

v0.9.0

v0.9.0rc0

v1.*

v1.0.0

v1.0.0-alpha

v1.0.0-rc0

v1.0.0-rc1

v1.0.0-rc2

v1.1.0

v1.1.0-rc0

v1.1.0-rc1

v1.1.0-rc2

v1.12.0

v1.12.0-rc0

v1.12.0-rc1

v1.12.0-rc2

v1.12.1

v1.2.0

v1.2.0-rc0

v1.2.0-rc1

v1.2.0-rc2

v1.3.0-rc0

v1.3.0-rc1

v1.5.0

v1.5.0-rc0

v1.5.0-rc1

v1.6.0

v1.6.0-rc0

v1.6.0-rc1

v1.7.0

v1.7.0-rc0

v1.7.0-rc1

v1.8.0

v1.8.0-rc0

v1.8.0-rc1

v1.9.0

v1.9.0-rc0

v1.9.0-rc1

v1.9.0-rc2

v2.*

v2.11.0

v2.11.0-rc0

v2.11.0-rc1

v2.11.0-rc2