CVE-2020-15266 log
Source |
|
Severity | Low |
Remote | No |
Type | Denial of service |
Description | In Tensorflow before version 2.4.0, when the boxes argument of tf.image.crop_and_resize has a very large value, the CPU kernel implementation receives it as a C++ nan floating point value. Attempting to operate on this is undefined behavior which later produces a segmentation fault. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1350 | tensorflow | 2.3.1-7 | 2.4.0rc4-1 | Medium | Fixed |