Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable to an input validation error in versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which originates in tf.raw_ops QuantizeAndDequantizeV4Grad does not fully validate the input parameters and can be exploited to cause a CHECK failure and trigger a denial of service attack.
CPE | Name | Operator | Version |
---|---|---|---|
Google TensorFlow | lt | 2.6.4 | |
Google TensorFlow | lt | 2.7.2 | |
Google TensorFlow | lt | 2.8.1 | |
Google TensorFlow | lt | 2.9.0 |