35 matches found
EUVD-2023-0933
Malicious code in bioql PyPI...
CVE-2023-25675
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...
TensorFlow has Segfault in Bincount with XLA
...
SUSE CVE-2023-25675
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. When running with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. PoC import tensorflow as tf func = tf.rawops.Bincount...
CVE-2023-25675
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...
AZL-35320 CVE-2023-25675 affecting package tensorflow for versions less than 2.11.1-1
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...
AZL-31212 CVE-2023-25675 affecting package tensorflow for versions less than 2.11.1-1
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...
CVE-2023-25675 TensorFlow has Segfault in Bincount with XLA
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...
CVE-2023-25675
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...
CVE-2023-25675 TensorFlow has Segfault in Bincount with XLA
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...
TensorFlow has Segfault in Bincount with XLA
Impact When running with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. python import tensorflow as tf func = tf.rawops.Bincount para='arr': 6, 'size': 804, 'weights': 52, 351 @tf.functionjitcompile=True def...
GHSA-7X4V-9GXG-9HWJ TensorFlow has Segfault in Bincount with XLA
Impact When running with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. python import tensorflow as tf func = tf.rawops.Bincount para='arr': 6, 'size': 804, 'weights': 52, 351 @tf.functionjitcompile=True def...
SUSE CVE-2022-21737
Tensorflow is an Open Source Machine Learning Framework. The implementation of Bincount operations allows malicious users to cause denial of service by passing in arguments which would trigger a CHECK-fail. There are several conditions that the input arguments must satisfy. Some are not caught...
SUSE CVE-2022-35982
TensorFlow is an open source platform for machine learning. If SparseBincount is given inputs for indices, values, and denseshape that do not make a valid sparse tensor, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
SUSE CVE-2022-35987
TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...
CVE-2022-35982
TensorFlow is an open source platform for machine learning. If SparseBincount is given inputs for indices, values, and denseshape that do not make a valid sparse tensor, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
GHSA-W62H-8XJM-FV49 TensorFlow vulnerable to `CHECK` fail in `DenseBincount`
Impact DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf binaryoutput = True input =...
GHSA-F2VV-V9CG-QHH7 Assertion failure based denial of service in Tensorflow
Impact The implementation of Bincount operations allows malicious users to cause denial of service by passing in arguments which would trigger a CHECK-fail: python import tensorflow as tf tf.rawops.DenseBincount input=0, 1, 2, size=1, weights=3,2,1, binaryoutput=False There are several conditions...
CVE-2022-21737
Tensorflow is an Open Source Machine Learning Framework. The implementation of Bincount operations allows malicious users to cause denial of service by passing in arguments which would trigger a CHECK-fail. There are several conditions that the input arguments must satisfy. Some are not caught...