Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Lack of validation in data format attributes in TensorFlow

🗓️ 10 Dec 2020 19:07:26Reported by GitHub Advisory DatabaseType 
github
 github🔗 github.com👁 62 Views

Lack of validation in data format attributes in TensorFlow. Unchecked assumptions in `tf.raw_ops.DataFormatVecPermute` and `tf.raw_ops.DataFormatDimMap` may result in memory access issues and crashes. Patched in GitHub commit ebc70b7a. Impacts TF versions 1.15 to 2.3

Related
Detection
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in TensorFlow
27 Feb 202103:40
ibm
IBM Security Bulletins		Security Bulletin: Multiple TensorFlow Vulnerabilities Affect IBM Watson Machine Learning on CP4D
30 Jul 202105:03
ibm
IBM Security Bulletins		Security Bulletin: TensorFlow in Watson Machine Learning Community Edition 1.6.2 and 1.7.0 has been patched for various security issues.
4 Feb 202122:54
ibm
ArchLinux		[ASA-202012-22] tensorflow: multiple issues
16 Dec 202000:00
archlinux
Circl		CVE-2020-26267
11 Dec 202002:34
circl
CNNVD		Google TensorFlow 缓冲区错误漏洞
10 Dec 202000:00
cnnvd
CNVD		Google TensorFlow Buffer Overflow Vulnerability (CNVD-2021-00091)
15 Dec 202000:00
cnvd
CVE		CVE-2020-26267
10 Dec 202022:10
cve
Cvelist		CVE-2020-26267 Lack of validation in data format attributes in TensorFlow
10 Dec 202022:10
cvelist
Debian CVE		CVE-2020-26267
10 Dec 202022:10
debiancve
Rows per page
Vulners
Node
tensorflow-gpuRange2.3.02.3.2pip
OR
tensorflow-gpuRange2.2.02.2.2pip
OR
tensorflow-gpuRange2.1.02.1.3pip
OR
tensorflow-gpuRange2.0.02.0.4pip
OR
tensorflow-gpuRange<1.15.5pip
OR
tensorflow-cpuRange2.3.02.3.2pip
OR
tensorflow-cpuRange2.2.02.2.2pip
OR
tensorflow-cpuRange2.1.02.1.3pip
OR
tensorflow-cpuRange2.0.02.0.4pip
OR
tensorflow-cpuRange<1.15.5pip
OR
tensorflowtensorflowRange2.3.02.3.2pip
OR
tensorflowtensorflowRange2.2.02.2.2pip
OR
tensorflowtensorflowRange2.1.02.1.3pip
OR
tensorflowtensorflowRange2.0.02.0.4pip
OR
tensorflowtensorflowRange<1.15.5pip

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
28 Oct 2024 20:02Current
2.1Low risk
Vulners AI Score2.1
CVSS 24.3
CVSS 3.14.4 - 7.8
EPSS0.00018
CWE-125
tensorflowdataformatvecpermutedataformatdimmapvalidationmemory accesscrashespatchgithubcommmitsecurity guideaivul teamqihoo 360
62