Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2020-15196
HistorySep 25, 2020 - 7:15 p.m.

CVE-2020-15196

2020-09-2519:15:14
CWE-125
CWE-119
CWE-122
[email protected]
web.nvd.nist.gov
5
tensorflow
sparsecountsparseoutput
raggedcountsparseoutput
validation
weights tensor
out-of-bounds
heap buffer
patch
commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02
version 2.3.1

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

9.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

0.002

Percentile

64.8%

JSON

In Tensorflow version 2.3.0, the SparseCountSparseOutput and RaggedCountSparseOutput implementations don’t validate that the weights tensor has the same shape as the data. The check exists for DenseCountSparseOutput, where both tensors are fully specified. In the sparse and ragged count weights are still accessed in parallel with the data. But, since there is no validation, a user passing fewer weights than the values for the tensors can generate a read from outside the bounds of the heap buffer allocated for the weights. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.

Affected configurations

Nvd
Node
googletensorflowMatch2.3.0-
VendorProductVersionCPE
googletensorflow2.3.0cpe:2.3:a:google:tensorflow:2.3.0:*:*:*:-:*:*:*

Related

osv 7
github 1
veracode 1
prion 1
cvelist 1
cve 1
ibm 4
osv
osv
CVE-2020-15196
2020-09-25 19:15:14
Heap buffer overflow in Tensorflow
2020-09-25 18:28:21
PYSEC-2020-311
2020-09-25 19:15:00
github
github
Heap buffer overflow in Tensorflow
2020-09-25 18:28:21
veracode
veracode
Information Disclosure
2020-09-28 06:43:32
prion
prion
Heap overflow
2020-09-25 19:15:00
cvelist
cvelist
CVE-2020-15196 Heap buffer overflow in Tensorflow
2020-09-25 18:40:36
cve
cve
CVE-2020-15196
2020-09-25 19:15:14
ibm
ibm
Security Bulletin: Tensor Flow security vulnerabilities on IBM Watson Machine Learning on CP4D
2021-04-07 14:04:38
Security Bulletin: Tensor Flow security vulnerabilities on IBM Watson Machine Learning Server
2021-04-21 15:21:19
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in TensorFlow
2020-12-09 04:43:11

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

9.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

0.002

Percentile

64.8%

JSON
Related for NVD:CVE-2020-15196
osv7github1veracode1prion1cvelist1cve1ibm4