36 matches found
CVE-2025-29617
creationtimestamp| type| source ---|---|--- 2025-08-19 03:03:09+00:00| seen| https://schleuss.online/users/vulnbot/statuses/115053205038349468 2025-08-19 05:07:49+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lwq5f7mo4t2b 2025-08-19 23:56:35+00:00| seen|...
MAL-2025-29617 Malicious code in presently (npm)
The package presently was found to contain malicious code...
CVE-2021-29617
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via CHECK-fail in tf.strings.substr with invalid arguments. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3,...
CVE-2020-29617
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may...
CVE-2022-29617
creationtimestamp| type| source ---|---|--- 2022-06-07 00:30:24+00:00| seen| https://t.me/cibsecurity/43895...
CVE-2022-29617
The CVE-2022-29617 entry concerns the CLA assistant (Contributor License Agreement assistant). Multiple connected sources describe an issue caused by improper error handling that allows an authenticated user to crash the CLA assistant instance, which could impact availability of the application. ...
brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +3 more potentially affected by CVE-2021-29617 via tensorflow-gpu (>=2.4.0 <=2.4.1)
tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-29617 Source advisory: OSV:GHSA-MMQ6-Q8R3-48FM...
accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +88 more potentially affected by CVE-2021-29617 via tensorflow (>=2.2.0 <=2.2.2)
tensorflow PYPI version =2.2.0, =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2021-29617 Source advisory: OSV:GHSA-MMQ6-Q8R3-48FM...
pycnet-audio (>=0.5.1 <=0.5.8) potentially affected by CVE-2021-29617 via tensorflow-cpu (=2.2.0)
tensorflow-cpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - pycnet-audio =0.5.1, =0.5.8 Source cves: CVE-2021-29617 Source advisory: OSV:GHSA-MMQ6-Q8R3-48FM...
aiproteomics (=0.2.1), alpharing (>=1.0.0 <=2.0.0) +26 more potentially affected by CVE-2021-29617 via tensorflow-cpu (>=1.15.0 <=2.1.0)
tensorflow-cpu PYPI version =1.15.0, =1.0.0, =0.0.1, =1.0.0.4, =0.1.0, =0.2.3, =0.0.5, =0.1.2, =1.0.0, =1.8.2, =1.6.1, =1.8.3 - netfl =1.5.0 and more Source cves: CVE-2021-29617 Source advisory: OSV:GHSA-MMQ6-Q8R3-48FM...
abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +91 more potentially affected by CVE-2021-29617 via tensorflow (>=2.4.0 <=2.4.1)
tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.0.0, =0.0.0.post0 and more Source cves: CVE-2021-29617 Source advisory: OSV:GHSA-MMQ6-Q8R3-48FM...
accuinsight (>=1.0.62 <=3.0.0rc2), adapt-diagnostics (>=1.2.0 <=1.6.0) +109 more potentially affected by CVE-2021-29617 via tensorflow (>=2.3.0 <=2.3.2)
tensorflow PYPI version =2.3.0, =1.0.62, =1.2.0, =0.1.0, =0.0.1a0, =0.0.1, =1.0.0rc1, =20210206.0.0, =0.1.0.dev1, =0.2.4, =1.0.1.0, =1.0.3 - cardec-cite =1.1.0 and more Source cves: CVE-2021-29617 Source advisory: OSV:GHSA-MMQ6-Q8R3-48FM...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +160 more potentially affected by CVE-2021-29617 via tensorflow-gpu (>=1.10.1 <=2.1.1)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2021-29617 Source advisory: OSV:GHSA-MMQ6-Q8R3-48FM...
deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-29617 via tensorflow-gpu (>=2.3.0 <=2.3.2)
tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-29617 Source advisory: OSV:GHSA-MMQ6-Q8R3-48FM...
c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-29617 via tensorflow-cpu (=2.3.1)
tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-29617 Source advisory: OSV:GHSA-MMQ6-Q8R3-48FM...
a2grunnerp (>=0.1.0 <=0.1.8), abba-python (>=0.1.6 <=0.3.0) +1353 more potentially affected by CVE-2021-29617 via tensorflow (>=1.0.1 <=2.1.2)
tensorflow PYPI version =1.0.1, =0.1.0, =0.1.6, =0.0.6, =0.1.0, =0.0.1, =1.1.2, =0.0.1, =2.0.0, =0.3.26, =0.2.1, =7.13.1, =0.0.1, =0.0.2 and more Source cves: CVE-2021-29617 Source advisory: OSV:GHSA-MMQ6-Q8R3-48FM...
complaintclassify (=0.0.9) potentially affected by CVE-2021-29617 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-29617 Source advisory: OSV:GHSA-MMQ6-Q8R3-48FM...
CVE-2021-29617
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via CHECK-fail in tf.strings.substr with invalid arguments. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3,...
d3m-simon (=1.2.5), deep-floorplan (=0.0.0) +2 more potentially affected by CVE-2021-29617 via tensorflow-gpu (>=2.2.0 <=2.3.0)
tensorflow-gpu PYPI version =2.2.0, =1.3.0, =2.2.0, =2.2.0rc2 Source cves: CVE-2021-29617 Source advisory: OSV:PYSEC-2021-743...
pycnet-audio (>=0.5.1 <=0.5.8), qihoo-tensornet (>=0.102.0.dev0 <=0.102.2.post1) potentially affected by CVE-2021-29617 via tensorflow-cpu (>=2.2.0 <=2.2.3)
tensorflow-cpu PYPI version =2.2.0, =0.5.1, =0.102.0.dev0, =0.102.2.post1 Source cves: CVE-2021-29617 Source advisory: OSV:PYSEC-2021-545...