Lucene search
GoogleOSV:CVE-2020-26266HistoryDec 10, 2020 - 11:15 p.m.
CVE-2020-26266
2020-12-1023:15:12
Google
osv.dev
11
tensorflow
uninitialized values
code execution
fixed versions
software
In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.
Related
osv
osv
PYSEC-2020-297
2020-12-10 23:15:00
BIT-tensorflow-2020-26266
2024-03-06 11:20:18
PYSEC-2020-332
2020-12-10 23:15:00
github
github
Uninitialized memory access in TensorFlow
2020-12-10 19:07:24
veracode
veracode
Arbitrary Code Execution
2020-12-11 03:15:44
cvelist
cvelist
CVE-2020-26266 Uninitialized memory access in Eigen types in TensorFlow
2020-12-10 22:10:47
nvd
nvd
CVE-2020-26266
2020-12-10 23:15:12
prion
prion
Design/Logic Flaw
2020-12-10 23:15:00
cve
cve
CVE-2020-26266
2020-12-10 23:15:12
ibm
ibm
archlinux
archlinux
[ASA-202012-22] tensorflow: multiple issues
2020-12-16 00:00:00
suse
suse
Security update for tensorflow2 (moderate)
2022-06-18 00:00:00
nessus
nessus
openSUSE 15 Security Update : tensorflow2 (openSUSE-SU-2022:10014-1)
2022-06-19 00:00:00