Lucene search
K

5 matches found

OSV
OSV
added 2022/11/21 9:54 p.m.3 views

GHSA-F2W8-JW48-FR7J `FractionalMaxPoolGrad` Heap out of bounds read

Impact If FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence, TensorFlow will crash. python import tensorflow as tf tf.rawops.FractionMaxPoolGrad originput = 1, 1, 1, 1, 1, origoutput = 1, 1, 1, outbackprop = 3, 3, 6, rowpoolingsequence = -0x4000000, 1, 1,...

4.8CVSS7AI score0.0044EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.25 views

Google TensorFlow 安全漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. Google TensorFlow suffers from a security vulnerability that stems from FractionalMaxPoolGrad validating its inputs by asserting a failure instead of returning an error. T...

7.5CVSS7.6AI score0.00396EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.10 views

PT-2022-23079

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description The issue is related to the FractionalMaxPoolGrad function, which validates its...

7.5CVSS7.1AI score0.00396EPSS
Exploits0References13
OSV
OSV
added 2021/05/21 2:26 p.m.5 views

GHSA-X8H6-XGQX-JQGP Undefined behavior and `CHECK`-fail in `FractionalMaxPoolGrad`

Impact The implementation of tf.rawops.FractionalMaxPoolGrad triggers an undefined behavior if one of the input tensors is empty: python import tensorflow as tf originput = tf.constant2, 3, shape=1, 1, 1, 2, dtype=tf.int64 origoutput = tf.constant, dtype=tf.int64 outbackprop = tf.zeros2, 3, 6, 6,...

2.5CVSS6AI score0.00189EPSS
Exploits1References7
PyPA
PyPA
added 2021/05/14 8:15 p.m.7 views

PYSEC-2021-706

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FractionalMaxPoolGrad triggers an undefined behavior if one of the input tensors is empty. The code is also vulnerable to a denial of service attack as a CHECK condition becomes false and aborts...

5.5CVSS7AI score0.00189EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder