CVE-2022-29201

Published May 20th, 2022

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

2.1

LOW

Affected

PROJECT

Description

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.QuantizedConv2D` does not fully validate the input arguments. In this case, references get bound to `nullptr` for each argument that is empty. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

tensorflow/tensorflow

An Open Source Machine Learning Framework for Everyone

GitHub

196K