Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:PYSEC-2022-70
HistoryFeb 04, 2022 - 11:15 p.m.

PYSEC-2022-70

2022-02-0423:15:00
Google
osv.dev
5
tensorflow
tflite
vulnerability
fix
machine learning
security
memory allocator

EPSS

0.001

Percentile

42.8%

JSON

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the linked list used by the memory allocator. This can be leveraged for an arbitrary write primitive under certain conditions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

Related

cvelist 1
osv 4
cnvd 1
prion 1
github 1
nvd 1
cve 1
ibm 1
cvelist
cvelist
CVE-2022-23561 Out of bounds write in TFLite
2022-02-04 22:32:46
osv
osv
CVE-2022-23561
2022-02-04 23:15:13
BIT-tensorflow-2022-23561
2024-03-06 11:15:26
PYSEC-2022-125
2022-02-04 23:15:00
cnvd
cnvd
Google Tensorflow Buffer Overflow Vulnerability (CNVD-2022-09887)
2022-02-09 00:00:00
prion
prion
Out-of-bounds
2022-02-04 23:15:00
github
github
Out of bounds write in TFLite
2022-02-09 23:53:47
nvd
nvd
CVE-2022-23561
2022-02-04 23:15:13
cve
cve
CVE-2022-23561
2022-02-04 23:15:13
ibm
ibm
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in TensorFlow
2022-03-30 15:22:10

EPSS

0.001

Percentile

42.8%

JSON
Related for OSV:PYSEC-2022-70
cvelist1osv4cnvd1prion1github1nvd1cve1ibm1