Google: >> Tensorflow >> 2.4.3 Security Vulnerabilities
TensorFlow through 2.5.0 allows attackers to overwrite arbitrary files via a crafted archive when tf.keras.utils.get_file is used with extract=True. NOTE: the vendor's position is that tf.keras.utils.get_file is not intended for untrusted archives
CVSS Score
9.1
EPSS Score
0.011
Published
2021-06-30
Page 20