CVE-2021-35958

moderate-risk
Published 2021-06-30

TensorFlow through 2.5.0 allows attackers to overwrite arbitrary files via a crafted archive when tf.keras.utils.get_file is used with extract=True. NOTE: the vendor's position is that tf.keras.utils.get_file is not intended for untrusted archives

Do I need to act?

~
1.1% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.1/10 Critical
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Google

References (10)

Third Party Advisory https://docs.python.org/3/library/tarfile.html#tarfile.TarFile.extractall
Third Party Advisory https://github.com/tensorflow/tensorflow/blob/b8cad4c631096a34461ff8a07840d5f4d1...
Third Party Advisory https://github.com/tensorflow/tensorflow/blob/b8cad4c631096a34461ff8a07840d5f4d1...
Third Party Advisory https://keras.io/api/
Third Party Advisory https://vuln.ryotak.me/advisories/52
Third Party Advisory https://docs.python.org/3/library/tarfile.html#tarfile.TarFile.extractall
Third Party Advisory https://github.com/tensorflow/tensorflow/blob/b8cad4c631096a34461ff8a07840d5f4d1...
Third Party Advisory https://github.com/tensorflow/tensorflow/blob/b8cad4c631096a34461ff8a07840d5f4d1...
Third Party Advisory https://keras.io/api/
Third Party Advisory https://vuln.ryotak.me/advisories/52
39
/ 100
moderate-risk
Severity 31/34 · Critical
Exploitability 3/34 · Minimal
Exposure 5/34 · Minimal