| Severity |
|
| Remote |
|
| Type |
| - |
Unknown |
| + |
Information disclosure |
|
| Description |
| + |
A security issue has been found in TensorFlow before version 2.4.2. If the "splits" argument of RaggedBincount does not specify a valid SparseTensor, then an attacker can trigger a heap buffer overflow. This will cause a read from outside the bounds of the splits tensor buffer in the implementation of the RaggedBincount op. |
|
| References |
| + |
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4278-2v5v-65r4 |
| + |
https://github.com/tensorflow/tensorflow/commit/eebb96c2830d48597d055d247c0e9aebaea94cd5 |
|
| Notes |
|