Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
Partial details (8 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick this commit on TensorFlow version 2.11.1.
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)
WS-2022-0401
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
TensorFlow is an open source machine learning framework for everyone.
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
Another instance of CVE-2022-35991, where TensorListScatter and TensorListScatterV2 crash via non scalar inputs inelement_shape, was found in eager mode and fixed.
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)
CVE-2023-33976
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
TensorFlow is an open source machine learning framework for everyone.
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
TensorFlow is an end-to-end open source platform for machine learning. `array_ops.upper_bound` causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12.
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)
CVE-2023-25676
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
TensorFlow is an open source machine learning framework for everyone.
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.ParallelConcat` segfaults with a nullptr dereference when given a parameter `shape` with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1.
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)
CVE-2023-25675
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
TensorFlow is an open source machine learning framework for everyone.
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.Bincount` segfaults when given a parameter `weights` that is neither the same shape as parameter `arr` nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1.
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)
CVE-2023-25674
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
TensorFlow is an open source machine learning framework for everyone.
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1.
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)
CVE-2023-25673
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
TensorFlow is an open source machine learning framework for everyone.
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)
CVE-2023-25672
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
TensorFlow is an open source machine learning framework for everyone.
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
TensorFlow is an open source platform for machine learning. The function `tf.raw_ops.LookupTableImportV2` cannot handle scalars in the `values` parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
TensorFlow is an open source machine learning framework for everyone.
Library home page: https://files.pythonhosted.org/packages/47/30/7d3ba75c6c3b44d458d40622c6cc0695b08d5bcdde999bd2102362eac68c/tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
Found in HEAD commit: 42a2d393427e16f1b80a5df9fe14a37d045088ad
Vulnerabilities
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2023-25668
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whlTensorFlow is an open source machine learning framework for everyone.
Library home page: https://files.pythonhosted.org/packages/47/30/7d3ba75c6c3b44d458d40622c6cc0695b08d5bcdde999bd2102362eac68c/tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
Dependency Hierarchy: - :x: **tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl** (Vulnerable Library)
Found in HEAD commit: 42a2d393427e16f1b80a5df9fe14a37d045088ad
Found in base branch: branch-23.03
### Vulnerability DetailsTensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick this commit on TensorFlow version 2.11.1.
Publish Date: 2023-03-24
URL: CVE-2023-25668
### CVSS 3 Score Details (9.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/advisories/GHSA-gw97-ff7c-9v96
Release Date: 2023-03-24
Fix Resolution: 2.11.1
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)WS-2022-0401
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whlTensorFlow is an open source machine learning framework for everyone.
Library home page: https://files.pythonhosted.org/packages/47/30/7d3ba75c6c3b44d458d40622c6cc0695b08d5bcdde999bd2102362eac68c/tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
Dependency Hierarchy: - :x: **tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl** (Vulnerable Library)
Found in HEAD commit: 42a2d393427e16f1b80a5df9fe14a37d045088ad
Found in base branch: branch-23.03
### Vulnerability DetailsAnother instance of CVE-2022-35991, where TensorListScatter and TensorListScatterV2 crash via non scalar inputs inelement_shape, was found in eager mode and fixed.
Publish Date: 2022-11-22
URL: WS-2022-0401
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/advisories/GHSA-xf83-q765-xm6m
Release Date: 2022-11-22
Fix Resolution: 2.9.3
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)CVE-2023-33976
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whlTensorFlow is an open source machine learning framework for everyone.
Library home page: https://files.pythonhosted.org/packages/47/30/7d3ba75c6c3b44d458d40622c6cc0695b08d5bcdde999bd2102362eac68c/tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
Dependency Hierarchy: - :x: **tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl** (Vulnerable Library)
Found in HEAD commit: 42a2d393427e16f1b80a5df9fe14a37d045088ad
Found in base branch: branch-23.03
### Vulnerability DetailsTensorFlow is an end-to-end open source platform for machine learning. `array_ops.upper_bound` causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12.
Publish Date: 2024-07-30
URL: CVE-2023-33976
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gjh7-xx4r-x345
Release Date: 2024-07-30
Fix Resolution: 2.12.1
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)CVE-2023-25676
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whlTensorFlow is an open source machine learning framework for everyone.
Library home page: https://files.pythonhosted.org/packages/47/30/7d3ba75c6c3b44d458d40622c6cc0695b08d5bcdde999bd2102362eac68c/tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
Dependency Hierarchy: - :x: **tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl** (Vulnerable Library)
Found in HEAD commit: 42a2d393427e16f1b80a5df9fe14a37d045088ad
Found in base branch: branch-23.03
### Vulnerability DetailsTensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.ParallelConcat` segfaults with a nullptr dereference when given a parameter `shape` with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1.
Publish Date: 2023-03-24
URL: CVE-2023-25676
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6wfh-89q8-44jq
Release Date: 2023-03-24
Fix Resolution: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)CVE-2023-25675
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whlTensorFlow is an open source machine learning framework for everyone.
Library home page: https://files.pythonhosted.org/packages/47/30/7d3ba75c6c3b44d458d40622c6cc0695b08d5bcdde999bd2102362eac68c/tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
Dependency Hierarchy: - :x: **tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl** (Vulnerable Library)
Found in HEAD commit: 42a2d393427e16f1b80a5df9fe14a37d045088ad
Found in base branch: branch-23.03
### Vulnerability DetailsTensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.Bincount` segfaults when given a parameter `weights` that is neither the same shape as parameter `arr` nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1.
Publish Date: 2023-03-24
URL: CVE-2023-25675
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7x4v-9gxg-9hwj
Release Date: 2023-03-24
Fix Resolution: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)CVE-2023-25674
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whlTensorFlow is an open source machine learning framework for everyone.
Library home page: https://files.pythonhosted.org/packages/47/30/7d3ba75c6c3b44d458d40622c6cc0695b08d5bcdde999bd2102362eac68c/tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
Dependency Hierarchy: - :x: **tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl** (Vulnerable Library)
Found in HEAD commit: 42a2d393427e16f1b80a5df9fe14a37d045088ad
Found in base branch: branch-23.03
### Vulnerability DetailsTensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1.
Publish Date: 2023-03-24
URL: CVE-2023-25674
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf97-q72m-7579
Release Date: 2023-03-24
Fix Resolution: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)CVE-2023-25673
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whlTensorFlow is an open source machine learning framework for everyone.
Library home page: https://files.pythonhosted.org/packages/47/30/7d3ba75c6c3b44d458d40622c6cc0695b08d5bcdde999bd2102362eac68c/tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
Dependency Hierarchy: - :x: **tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl** (Vulnerable Library)
Found in HEAD commit: 42a2d393427e16f1b80a5df9fe14a37d045088ad
Found in base branch: branch-23.03
### Vulnerability DetailsTensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
Publish Date: 2023-03-24
URL: CVE-2023-25673
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-647v-r7qq-24fh
Release Date: 2023-03-24
Fix Resolution: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)CVE-2023-25672
### Vulnerable Library - tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whlTensorFlow is an open source machine learning framework for everyone.
Library home page: https://files.pythonhosted.org/packages/47/30/7d3ba75c6c3b44d458d40622c6cc0695b08d5bcdde999bd2102362eac68c/tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Path to dependency file: /models/training-tuning-scripts/fraud-detection-models/requirements.txt
Path to vulnerable library: /models/training-tuning-scripts/fraud-detection-models/requirements.txt,/models/training-tuning-scripts/fraud-detection-models/requirements.txt
Dependency Hierarchy: - :x: **tensorflow-2.9.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl** (Vulnerable Library)
Found in HEAD commit: 42a2d393427e16f1b80a5df9fe14a37d045088ad
Found in base branch: branch-23.03
### Vulnerability DetailsTensorFlow is an open source platform for machine learning. The function `tf.raw_ops.LookupTableImportV2` cannot handle scalars in the `values` parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
Publish Date: 2023-03-24
URL: CVE-2023-25672
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-94mm-g2mv-8p7r
Release Date: 2023-03-24
Fix Resolution: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0
Step up your Open Source Security Game with Mend [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)