Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2020-15198
HistorySep 25, 2020 - 7:15 p.m.

CVE-2020-15198

2020-09-2519:15:15
Google
osv.dev
4
tensorflow
sparsecountsparseoutput
validation
heap buffer overflow

EPSS

0.001

Percentile

40.5%

JSON

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has the same shape as the values one. The values in these tensors are always accessed in parallel. Thus, a shape mismatch can result in accesses outside the bounds of heap allocated buffers. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.

Related

github 1
osv 5
prion 1
cve 1
veracode 1
cvelist 1
nvd 1
github
github
Heap buffer overflow in Tensorflow
2020-09-25 18:28:22
osv
osv
BIT-tensorflow-2020-15198
2024-03-06 11:20:42
PYSEC-2020-121
2020-09-25 19:15:00
Heap buffer overflow in Tensorflow
2020-09-25 18:28:22
prion
prion
Out-of-bounds
2020-09-25 19:15:00
cve
cve
CVE-2020-15198
2020-09-25 19:15:15
veracode
veracode
Arbitrary Code Execution
2020-09-28 08:06:25
cvelist
cvelist
CVE-2020-15198 Heap buffer overflow in Tensorflow
2020-09-25 18:40:25
nvd
nvd
CVE-2020-15198
2020-09-25 19:15:15

EPSS

0.001

Percentile

40.5%

JSON
Related for OSV:CVE-2020-15198
github1osv5prion1cve1veracode1cvelist1nvd1