CVE-2023-25666

CVSS V2 None CVSS V3 None

Description

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Overview

CVE ID
CVE-2023-25666

Assigner
security-advisories@github.com

Vulnerability Status
Analyzed

Published Version
2023-03-25T00:15:07

Last Modified Date
2023-03-31T14:19:13

Weakness Enumerations

CWE	URL
CWE-697	http://cwe.mitre.org/data/definitions/697.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:a:google:tensorflow::::::::	1	OR		2.12.0

References

Reference URL	Reference Tags
https://github.com/tensorflow/tensorflow/commit/d0d4e779da0d0f56499c6fa5ba09f0a576cc6b14	Patch
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2	Patch

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-25666
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25666

History

Created	Old Value	New Value	Data Type	Notes
2023-04-17 03:26:51				Added to TrackCVE
2023-04-17 03:26:53			Weakness Enumeration	new