TensorFlow vulnerable to integer overflow in EditDistance
CVE-2023-25662
7.5HIGH
What is CVE-2023-25662?
TensorFlow, a widely used open-source platform for machine learning, exposes an integer overflow vulnerability in its EditDistance function. This issue impacts versions prior to 2.12.0 and 2.11.1, potentially allowing attackers to exploit this flaw and lead to unpredictable behavior or information disclosure during processing. Users are urged to upgrade to the fixed versions to mitigate associated risks.
Affected Version(s)
tensorflow < 2.11.1