CVE-2021-41202 log

Severity Medium
Remote No
Type Incorrect calculation
In TensorFlow before version 2.6.1, while calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition will be cast to double and the result would be truncated before the assignment. This result in overflows.
Group Package Affected Fixed Severity Status Ticket
AVG-2529 tensorflow 2.6.0-6 2.6.1-1 High Fixed