Lucene search
China National Vulnerability DatabaseCNVD-2022-09873HistoryNov 24, 2021 - 12:00 a.m.
Google TensorFlow Input Validation Error Vulnerability (CNVD-2022-09873)
2021-11-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.001 Low
EPSS
Percentile
36.4%
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google TensorFlow is vulnerable to an input validation error, which can be exploited to call tf.image.resize with large input parameters, then the TensorFlow process will crash due to a CHECK failure caused by an overflow.
| CPE | Name | Operator | Version |
|---|---|---|---|
| google tensorflow | lt | 2.7.0 | |
| google tensorflow | lt | 2.6.1 | |
| google tensorflow | lt | 2.5.2 | |
| google tensorflow | lt | 2.4.4 |
Related
prion
prion
Integer overflow
2021-11-05 20:15:00
cve
cve
CVE-2021-41199
2021-11-05 20:15:07
veracode
veracode
Denial Of Service (DoS)
2021-11-08 20:28:56
osv
osv
PYSEC-2021-609
2021-11-05 20:15:00
PYSEC-2021-807
2021-11-05 20:15:00
Overflow/crash in `tf.image.resize` when size is large
2021-11-10 19:33:24
cvelist
cvelist
CVE-2021-41199 Overflow/crash in `tf.image.resize` when size is large
2021-11-05 19:55:19
nvd
nvd
CVE-2021-41199
2021-11-05 20:15:07
github
github
Overflow/crash in `tf.image.resize` when size is large
2021-11-10 19:33:24
