Skip to main content

Always-Incorrect Control Flow Implementation

CVE-2022-41884

Severity High
Score 7.5/10

Summary

TensorFlow is an open source platform for machine learning. If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. This issue affects versions prior to 2.8.4, 2.9.x prior to 2.9.3, and 2.10.x prior to 2.10.1.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • NONE
  • HIGH

CWE-670 - Always-Incorrect Control Flow Implementation

The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.

Advisory Timeline

  • Published