<p>There is no fixed version for <code>tensorlayer</code>.</p>

Arbitrary Code Execution Affecting tensorlayer package, versions [0,]

Snyk CVSS

Attack Complexity High

Privileges Required High

Confidentiality High

Integrity High

Availability High

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-PYTHON-TENSORLAYER-1066209
published 11 Apr 2021
disclosed 31 Jan 2021
credit d3m0n-r00t

Report a new vulnerability Found a mistake?

Introduced: 31 Jan 2021

CWE-94 Open this link in a new tab

How to fix?

There is no fixed version for tensorlayer.

Overview

tensorlayer is a High Level Tensorflow Deep Learning Library for Researcher and Engineer.

Affected versions of this package are vulnerable to Arbitrary Code Execution due to use of eval() in eval_layer() function without sanitising input.

References

GitHub Issue
GitHub PR