13 matches found
CVE-2024-37672
Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the idactivity parameter...
brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +4 more potentially affected by CVE-2021-37672 via tensorflow-gpu (>=2.4.0 <=2.4.2)
tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =0.1.0.dev98, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-37672 Source advisory: OSV:GHSA-5HJ3-VJJF-F5M7...
complaintclassify (=0.0.9) potentially affected by CVE-2021-37672 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-37672 Source advisory: OSV:GHSA-5HJ3-VJJF-F5M7...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +163 more potentially affected by CVE-2021-37672 via tensorflow-gpu (>=1.10.1 <=2.3.2)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2021-37672 Source advisory: OSV:GHSA-5HJ3-VJJF-F5M7...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +54 more potentially affected by CVE-2021-37672 via tensorflow (=2.5.0)
tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.1.0.dev2, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 and more Source cves:...
a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +95 more potentially affected by CVE-2021-37672 via tensorflow-cpu (>=1.15.0 <=2.3.1)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2021-37672 Source advisory: OSV:GHSA-5HJ3-VJJF-F5M7...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4729 more potentially affected by CVE-2021-37672 via tensorflow (>=1.0.1 <=2.3.2)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =0.0.1, =0.2.0, =0.6.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2021-37672 Source advisory: OSV:GHSA-5HJ3-VJJF-F5M7...
accuinsight (>=1.0.62 <=3.0.0rc2), adapt-diagnostics (>=1.2.0 <=1.6.0) +109 more potentially affected by CVE-2021-37672 via tensorflow (>=2.3.0 <=2.3.2)
tensorflow PYPI version =2.3.0, =1.0.62, =1.2.0, =0.1.0, =0.0.1a0, =0.0.1, =1.0.0rc1, =20210206.0.0, =0.1.0.dev1, =0.2.4, =1.0.1.0, =1.0.3 - cardec-cite =1.1.0 and more Source cves: CVE-2021-37672 Source advisory: OSV:PYSEC-2021-294...
c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-37672 via tensorflow-cpu (=2.3.1)
tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-37672 Source advisory: OSV:PYSEC-2021-585...
complaintclassify (=0.0.9) potentially affected by CVE-2021-37672 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-37672 Source advisory: OSV:PYSEC-2021-585...
deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-37672 via tensorflow-gpu (>=2.3.0 <=2.3.2)
tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-37672 Source advisory: OSV:PYSEC-2021-783...
CVE-2021-37672 Heap OOB in `SdcaOptimizerV2` in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.SdcaOptimizerV2. The implementation does not check that the length of...
CVE-2021-37672
TensorFlow CVE-2021-37672 is a heap-based out-of-bounds read vulnerability in SdcaOptimizerV2 caused by not validating example_labels length against the number of examples. The issue is disclosed in GHSA-5HJ3-VJJF-F5M7 with a code example and fix details. Patches were applied in the GitHub commit...