Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2020-15210
HistorySep 25, 2020 - 7:15 p.m.

CVE-2020-15210

2020-09-2519:15:16
CWE-20
CWE-787
[email protected]
web.nvd.nist.gov
4
tensorflow-lite
segmentation fault
patched vulnerability

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

EPSS

0.002

Percentile

57.7%

JSON

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d58c96946b and will release patch releases for all versions between 1.15 and 2.3. We recommend users to upgrade to TensorFlow 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

Affected configurations

Nvd
Node
googletensorflowRange<1.15.4lite
OR
googletensorflowRange2.0.02.0.3lite
OR
googletensorflowRange2.1.02.1.2lite
OR
googletensorflowRange2.2.02.2.1lite
OR
googletensorflowRange2.3.02.3.1lite
Node
opensuseleapMatch15.2
VendorProductVersionCPE
googletensorflow*cpe:2.3:a:google:tensorflow:*:*:*:*:lite:*:*:*
opensuseleap15.2cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

Related

osv 6
cve 1
prion 1
cvelist 1
github 1
suse 1
nessus 1
openvas 1
ibm 4
osv
osv
BIT-tensorflow-2020-15210
2024-03-06 11:20:27
PYSEC-2020-325
2020-09-25 19:15:00
CVE-2020-15210
2020-09-25 19:15:16
cve
cve
CVE-2020-15210
2020-09-25 19:15:16
prion
prion
Memory corruption
2020-09-25 19:15:00
cvelist
cvelist
CVE-2020-15210 Segmentation fault in tensorflow-lite
2020-09-25 18:45:30
github
github
Segmentation fault in tensorflow-lite
2020-09-25 18:28:51
suse
suse
Security update for tensorflow2 (moderate)
2020-10-29 00:00:00
nessus
nessus
openSUSE Security Update : tensorflow2 (openSUSE-2020-1766)
2020-10-30 00:00:00
openvas
openvas
openSUSE: Security Advisory for tensorflow2 (openSUSE-SU-2020:1766-1)
2020-10-30 00:00:00
ibm
ibm
Security Bulletin: Numerous CVE entires for TensorFlow in Watson Machine Learning Community Edition
2020-10-29 21:58:10
Security Bulletin: Tensor Flow security vulnerabilities on IBM Watson Machine Learning Server
2021-04-21 15:21:19
Security Bulletin: Tensor Flow security vulnerabilities on IBM Watson Machine Learning on CP4D
2021-04-07 14:04:38

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

EPSS

0.002

Percentile

57.7%

JSON
Related for NVD:CVE-2020-15210
osv6cve1prion1cvelist1github1suse1nessus1openvas1ibm4