Описание
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decode_bmp_op.cc.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| tensorflow | not-affected | package |
EPSS
Процентиль: 33%
0.00128
Низкий
Связанные уязвимости
CVSS3: 6.5
nvd
почти 6 лет назад
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decode_bmp_op.cc.
CVSS3: 6.5
github
больше 5 лет назад
Out-of-bounds read in TensorFlow possibly causing disclosure of the contents of process memory.
EPSS
Процентиль: 33%
0.00128
Низкий