{"id":"AZL-31212","summary":"CVE-2023-25675 affecting package tensorflow for versions less than 2.11.1-1","details":"TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.Bincount` segfaults when given a parameter `weights` that is neither the same shape as parameter `arr` nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1.","modified":"2026-04-01T05:10:01.261448Z","published":"2023-03-25T00:15:07Z","upstream":["CVE-2023-25675"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25675"}],"affected":[{"package":{"name":"tensorflow","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/tensorflow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.11.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-31212.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}