7.5

CVE-2023-25669

TensorFlow has Floating Point Exception in AvgPoolGrad with XLA

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for `tf.raw_ops.AvgPoolGrad`, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleTensorflow Version < 2.12.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.39% 0.307
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
security-advisories@github.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-697 Incorrect Comparison

The product compares two entities in a security-relevant context, but the comparison is incorrect.

https://github.com/tensorflow/tensorflow/commit/1295ae4dbb52fe06b19733b0257e2340d7b63b8d
Patch
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p
Patch
Vendor Advisory