AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2020-15203: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the `fill` argument of tf.strings.as

highvulnerability

security

Source: NVD/CVE DatabaseSeptember 25, 2020CVE-2020-15203

Summary

TensorFlow versions before 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 contain a format string vulnerability (a bug where attackers can manipulate how data is printed to cause crashes) in the tf.strings.as_string function. By controlling the `fill` argument, an attacker can trigger a segmentation fault (a crash caused by accessing invalid memory).

Solution / Mitigation

Update TensorFlow to version 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1 or later. The issue is patched in commit 33be22c65d86256e6826666662e40dbdfe70ee83.

Vulnerability Details

CVSS Score

7.5(high)

EPSS (30-day exploit probability)

EPSS: 0.4%

Classification

Attack Type

Other

Attack SophisticationModerate

Impact (CIA+S)

integrityavailability

Taxonomy References

CWE (Weakness Type)

CWE-20 CWE-134

Affected Vendors

Related Issues

high

CVE-2022-21727: Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulne

Similar attackNVD/CVE Database

critical

CVE-2026-22252: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbi

First tracked: February 15, 2026 at 08:38 PM

Classified by LLM (prompt v3) · confidence: 92%