{"id":"CVE-2020-15200","details":"In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the `splits` tensor generate a valid partitioning of the `values` tensor. Thus, the code sets up conditions to cause a heap buffer overflow. A `BatchedMap` is equivalent to a vector where each element is a hashmap. However, if the first element of `splits_values` is not 0, `batch_idx` will never be 1, hence there will be no hashmap at index 0 in `per_batch_counts`. Trying to access that in the user code results in a segmentation fault. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.","aliases":["BIT-tensorflow-2020-15200","GHSA-x7rp-74x2-mjf3","PYSEC-2020-123","PYSEC-2020-280","PYSEC-2020-315"],"modified":"2026-02-20T16:42:10.019705Z","published":"2020-09-25T19:15:15.260Z","related":["GHSA-x7rp-74x2-mjf3"],"references":[{"type":"ADVISORY","url":"https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02"},{"type":"ADVISORY","url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1"},{"type":"ADVISORY","url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x7rp-74x2-mjf3"},{"type":"FIX","url":"https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02"},{"type":"EVIDENCE","url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x7rp-74x2-mjf3"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tensorflow/tensorflow","events":[{"introduced":"0"},{"last_affected":"b36436b087bd8e8701ef51718179037cccdfc26e"}]}],"versions":["0.12.0-rc0","0.12.0-rc1","0.12.1","0.5.0","0.6.0","v0.10.0","v0.10.0rc0","v0.11.0","v0.11.0rc0","v0.11.0rc1","v0.11.0rc2","v0.12.0","v0.7.0","v0.7.1","v0.8.0rc0","v0.9.0","v0.9.0rc0","v1.0.0","v1.0.0-alpha","v1.0.0-rc0","v1.0.0-rc1","v1.0.0-rc2","v1.1.0","v1.1.0-rc0","v1.1.0-rc1","v1.1.0-rc2","v1.12.0","v1.12.0-rc0","v1.12.0-rc1","v1.12.0-rc2","v1.12.1","v1.2.0","v1.2.0-rc0","v1.2.0-rc1","v1.2.0-rc2","v1.3.0-rc0","v1.3.0-rc1","v1.5.0","v1.5.0-rc0","v1.5.0-rc1","v1.6.0","v1.6.0-rc0","v1.6.0-rc1","v1.7.0","v1.7.0-rc0","v1.7.0-rc1","v1.8.0","v1.8.0-rc0","v1.8.0-rc1","v1.9.0","v1.9.0-rc0","v1.9.0-rc1","v1.9.0-rc2","v2.3.0","v2.3.0-rc0","v2.3.0-rc1","v2.3.0-rc2"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-15200.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}