Lucene search
K

7 matches found

Snyk
Snyk
added 2023/03/26 7:46 a.m.1 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a floating point exception if the stride and window size are not positive for tf.rawops.AvgPoolGrad. PoC import tensorflow as tf import numpy as np @tf.functionjitcompile=True def test: y =...

7.5CVSS7AI score0.00391EPSS
Exploits0References2
OSV
OSV
added 2022/09/16 10:13 p.m.16 views

GHSA-84JM-4CF3-9JFM TensorFlow vulnerable to `CHECK` failures in `FractionalAvgPoolGrad`

Impact The implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. python import tensorflow as tf overlapping = True originputtensorshape =...

5.9CVSS5.8AI score0.00396EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2022/09/16 8:40 p.m.5 views

CVE-2022-35968

TensorFlow is an open source platform for machine learning. The implementation of AvgPoolGrad does not fully validate the input originputshape. This results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

7.5CVSS6.8AI score0.00396EPSS
Exploits0
Debian CVE
Debian CVE
added 2022/09/16 8:10 p.m.4 views

CVE-2022-35963

TensorFlow is an open source platform for machine learning. The implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the...

7.5CVSS7AI score0.00396EPSS
Exploits0
PyPA
PyPA
added 2021/08/12 9:15 p.m.5 views

PYSEC-2021-273

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for tf.rawops.FractionalAvgPoolGrad can be tricked into accessing data outside of bounds of heap allocated buffers. The implementation does not validate that the input tensor is non-empt...

7.8CVSS7.4AI score0.00174EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/05/21 2:26 p.m.2 views

GHSA-V6R6-84GR-92RM Heap buffer overflow in `AvgPool3DGrad`

Impact The implementation of tf.rawops.AvgPool3DGrad is vulnerable to a heap buffer overflow: python import tensorflow as tf originputshape = tf.constant10, 6, 3, 7, 7, shape=5, dtype=tf.int32 grad = tf.constant0.01, 0, 0, shape=3, 1, 1, 1, 1, dtype=tf.float32 ksize = 1, 1, 1, 1, 1 strides = 1, 1...

2.5CVSS7.1AI score0.00211EPSS
Exploits1References7
PyPA
PyPA
added 2021/05/14 8:15 p.m.8 views

PYSEC-2021-704

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FractionalAvgPoolGrad is vulnerable to a heap buffer overflow. The...

7.8CVSS7.3AI score0.00211EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder