7.5

CVE-2023-25669

EPSS 0.21%
Veröffentlicht 25.03.2023 00:15:07
Zuletzt bearbeitet 21.11.2024 07:49:54
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

TensorFlow has Floating Point Exception in AvgPoolGrad with XLA

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for `tf.raw_ops.AvgPoolGrad`, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Google ≫ Tensorflow Version < 2.12.0

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.21%	0.429

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
security-advisories@github.com	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-697 Incorrect Comparison

The product compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses.

https://github.com/tensorflow/tensorflow/commit/1295ae4dbb52fe06b19733b0257e2340d7b63b8d

Patch

https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-25669

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-25669

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-25669

EUVD