Lucene search
K

47 matches found

Cvelist
Cvelist
added 2022/02/04 10:32 p.m.42 views

CVE-2022-23582 `CHECK`-failures in `TensorByteSize` in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that TensorByteSize would trigger CHECK failures. TensorShape constructor throws a CHECK-fail if shape is partial or has a number of elements that would overflow t...

6.5CVSS6.5AI score0.00783EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2022/02/04 10:32 p.m.3 views

CVE-2022-23582

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that TensorByteSize would trigger CHECK failures. TensorShape constructor throws a CHECK-fail if shape is partial or has a number of elements that would overflow t...

6.5CVSS6.9AI score0.00783EPSS
Exploits1
PyPA
PyPA
added 2022/02/03 1:15 p.m.8 views

PYSEC-2022-78

Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...

6.5CVSS7AI score0.00458EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.7 views

PYSEC-2022-76

Tensorflow is an Open Source Machine Learning Framework. The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial...

6.5CVSS6.9AI score0.01097EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.7 views

PYSEC-2022-131

Tensorflow is an Open Source Machine Learning Framework. The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial...

6.5CVSS6.9AI score0.01097EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2021/12/06 12:0 a.m.1 views

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that stems from a failure to properly check for boundaries in TBD of TBD, which could allow for out-of-bounds writes. An attacker with system execution...

6.7CVSS5.8AI score0.00118EPSS
Exploits0References4
PyPA
PyPA
added 2021/11/05 10:15 p.m.5 views

PYSEC-2021-815

TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service via dereferencing nullptrs or via CHECK-failures as well as abuse undefined behavior binding...

8.8CVSS7.1AI score0.00168EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder