Lucene search
GoogleOSV:CVE-2022-23591HistoryFeb 04, 2022 - 11:15 p.m.
CVE-2022-23591
2022-02-0423:15:15
Google
osv.dev
7
0.001 Low
EPSS
Percentile
38.1%
Tensorflow is an Open Source Machine Learning Framework. The GraphDef format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a GraphDef containing a fragment such as the following can be consumed when loading a SavedModel. This would result in a stack overflow during execution as resolving each NodeDef means resolving the function itself and its nodes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
Related
cnvd
cnvd
Google Tensorflow Resource Management Error Vulnerability (CNVD-2022-09860)
2022-02-09 00:00:00
osv
osv
BIT-tensorflow-2022-23591
2024-03-06 11:14:47
PYSEC-2022-155
2022-02-04 23:15:00
PYSEC-2022-100
2022-02-04 23:15:00
github
github
Stack overflow in TensorFlow
2022-02-09 23:30:01
cve
cve
CVE-2022-23591
2022-02-04 23:15:15
cvelist
cvelist
CVE-2022-23591 Stack overflow in Tensorflow
2022-02-04 22:32:09
veracode
veracode
Denial Of Service (DoS)
2022-02-08 09:00:06
prion
prion
Stack overflow
2022-02-04 23:15:00
nvd
nvd
CVE-2022-23591
2022-02-04 23:15:15
