PYSEC-2019-204

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/tensorflow/PYSEC-2019-204.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2019-204

Aliases

Published

2019-04-24T17:29:00Z

Modified

2023-11-01T04:48:41.850069Z

Summary

[none]

Details

Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file.

References

Affected packages

PyPI / tensorflow

Package

Name: tensorflow; View open source insights on deps.dev
Purl: pkg:pypi/tensorflow

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.7.1

Affected versions

0.*

0.12.0rc0

0.12.0rc1

0.12.0

0.12.1

1.*

1.0.0

1.0.1

1.1.0rc0

1.1.0rc1

1.1.0rc2

1.1.0

1.2.0rc0

1.2.0rc1

1.2.0rc2

1.2.0

1.2.1

1.3.0rc0

1.3.0rc1

1.3.0rc2

1.3.0

1.4.0rc0

1.4.0rc1

1.4.0

1.4.1

1.5.0rc0

1.5.0rc1

1.5.0

1.5.1

1.6.0rc0

1.6.0rc1

1.6.0

1.7.0rc0

1.7.0rc1

1.7.0

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/tensorflow/PYSEC-2019-204.yaml"