Security Advisory

CVE-2021-35958

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-06-30 00:12:53

Last updated 2024-08-04 00:47:42

Assigner mitre

State PUBLISHED

Description

TensorFlow through 2.5.0 allows attackers to overwrite arbitrary files via a crafted archive when tf.keras.utils.get_file is used with extract=True. NOTE: the vendors position is that tf.keras.utils.get_file is not intended for untrusted archives

← Browse all CVEs View on cve.org ↗