12 matches found
CVE-2023-25801
TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supporte...
CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1
CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is available...
Security Bulletin: Multiple Vulnerabilities affecting IBM Watson Studio in Cloud Pak for Data Are Addressed
Summary There are multiple vulnerabilities in Runtimes 22.2 component impacting IBM Watson Studio in Cloud Pak for Data. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-2800 DESCRIPTION: Hugging Face Transformers is vulnerable to a...
CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1
CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is available...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution in TensorFlow (CVE-2023-25801)
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution in TensorFlow, caused by a double-free in nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 CVE-2023-25801. TensorFlow is included as part of the runtimes in our service. Thi...
CVE-2023-25801
creationtimestamp| type| source ---|---|--- 2023-03-25 06:37:54+00:00| seen| https://t.me/cibsecurity/60722...
AZL-31206 CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1
TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supporte...
AZL-35322 CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1
TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supporte...
CVE-2023-25801 TensorFlow has double free in Fractional(Max/Avg)Pool
TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supporte...
CVE-2023-25801
CVE-2023-25801 — TensorFlow double-free in fractional pooling : Connected sources confirm a vulnerability in nn_ops.fractional_avg_pool_v2 and nn_ops.fractional_max_pool_v2 where the first and fourth elements of pooling_ratio must be 1.0 for batch/channel pooling to be supported. The issue is tri...
cifar-10-model (=7.4.0), gamornet-cpu (>=0.2.3 <=0.4.3) +8 more potentially affected by CVE-2023-25801 via tensorflow-cpu (>=1.15.0 <=2.11.0)
tensorflow-cpu PYPI version =1.15.0, =0.2.3, =0.0.5, =1.0.0, =1.8.2, =0.1.3, =0.3.0.dev221212, =0.7.0, =0.7.5 Source cves: CVE-2023-25801 Source advisory: OSV:GHSA-F49C-87JH-G47Q...
a2grunnerp (>=0.1.0 <=0.1.8), abba-python (>=0.1.6 <=0.3.0) +607 more potentially affected by CVE-2023-25801 via tensorflow (>=1.0.1 <=2.11.0rc2)
tensorflow PYPI version =1.0.1, =0.1.0, =0.1.6, =1.1.2, =0.0.1, =0.3.26, =1.1.0, =0.0.1, =0.2.0, =0.3.1, =0.5.1 and more Source cves: CVE-2023-25801 Source advisory: OSV:GHSA-F49C-87JH-G47Q...