Vulnetix
Try Vulnetix Request Demo
CVE-2022-23581 PUBLISHED

Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `IsSimplifiableReshape` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

EPSS 0.48% · 64.7th percentile

Risk Scores

EPSS Score
0.48%
64.7th percentile

Affected Products

VendorProductVersions
Bitnamitensorflow0, 2.6.0, 2.7.0
Bitnamitensorflow0, 2.6.0, 2.7.0

Timeline

References

Open in Interactive Console →