AVG-1350 log

Package tensorflow
Status Fixed
Severity Medium
Type denial of service
Affected 2.3.1-7
Fixed 2.4.0rc4-1
Current 2.15.0-6 [extra]
Ticket None
Created Fri Dec 11 15:25:12 2020
Issue Severity Remote Type Description
CVE-2020-15266 Low No Denial of service
In Tensorflow before version 2.4.0, when the boxes argument of tf.image.crop_and_resize has a very large value, the CPU kernel implementation receives it as...
CVE-2020-15265 Medium No Denial of service
In Tensorflow before version 2.4.0, an attacker can pass an invalid axis value to tf.quantization.quantize_and_dequantize. This results in accessing a...