OSSForks/tensorflow
1
0
Fork 0
mirror of https://github.com/zebrajr/tensorflow.git synced 2025-12-06 12:20:11 +01:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

Update SECURITY.md

Browse Source
This commit is contained in:
Mark Daoust 2023-06-23 07:25:50 -07:00 committed by GitHub
parent d0095f87c1
commit 88f4f07f76
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
SECURITY.md
View File

@ -232,7 +232,7 @@ rules](https://bughunters.google.com/about/rules/6521337925468160/google-open-so
`tf.raw_ops.xxx` symbols is the best way to uncover code weakness, please bear `tf.raw_ops.xxx` symbols is the best way to uncover code weakness, please bear
in mind that this is not a typical use case that has security implications. It is in mind that this is not a typical use case that has security implications. It is
better to try to translate the vulnerability to something that can be exploited better to try to translate the vulnerability to something that can be exploited
during training or inference of a model (i.e., build a model tha when given a during training or inference of a model (i.e., build a model that when given a
specific input would produce unwanted behavior). Alternatively, if the specific input would produce unwanted behavior). Alternatively, if the
TensorFlow API is only used in ancillary tooling, consider the environment where TensorFlow API is only used in ancillary tooling, consider the environment where
the tool would run. For example, if `saved_model_cli` tool would crash on the tool would run. For example, if `saved_model_cli` tool would crash on