d3m-simon (=1.2.5), easyquake (>=1.3.0 <=1.4.0) potentially affected by CVE-2021-29518 via tensorflow-gpu (=2.2.0)

tensorflow-gpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - d3m-simon =1.2.5 - easyquake =1.3.0, =1.4.0 Source cves: CVE-2021-29518 Source advisory: OSV:GHSA-62GX-355R-9FHG...

brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +3 more potentially affected by CVE-2021-29518 via tensorflow-gpu (>=2.4.0 <=2.4.1)

tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-29518 Source advisory: OSV:GHSA-62GX-355R-9FHG...

d3m-simon (=1.2.5), easyquake (>=1.3.0 <=1.4.0) potentially affected by CVE-2021-29517 via tensorflow-gpu (=2.2.0)

tensorflow-gpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - d3m-simon =1.2.5 - easyquake =1.3.0, =1.4.0 Source cves: CVE-2021-29517 Source advisory: OSV:GHSA-772P-X54P-HJRV...

deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-29517 via tensorflow-gpu (>=2.3.0 <=2.3.2)

tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-29517 Source advisory: OSV:GHSA-772P-X54P-HJRV...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +160 more potentially affected by CVE-2021-29517 via tensorflow-gpu (>=1.10.1 <=2.1.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2021-29517 Source advisory: OSV:GHSA-772P-X54P-HJRV...

brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +3 more potentially affected by CVE-2021-29516 via tensorflow-gpu (>=2.4.0 <=2.4.1)

tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-29516 Source advisory: OSV:GHSA-84MW-34W6-2Q43...

deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-29516 via tensorflow-gpu (>=2.3.0 <=2.3.2)

tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-29516 Source advisory: OSV:GHSA-84MW-34W6-2Q43...

d3m-simon (=1.2.5), easyquake (>=1.3.0 <=1.4.0) potentially affected by CVE-2021-29515 via tensorflow-gpu (=2.2.0)

tensorflow-gpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - d3m-simon =1.2.5 - easyquake =1.3.0, =1.4.0 Source cves: CVE-2021-29515 Source advisory: OSV:GHSA-HC6C-75P4-HMQ4...

deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-29515 via tensorflow-gpu (>=2.3.0 <=2.3.2)

tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-29515 Source advisory: OSV:GHSA-HC6C-75P4-HMQ4...

brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +3 more potentially affected by CVE-2021-29515 via tensorflow-gpu (>=2.4.0 <=2.4.1)

tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-29515 Source advisory: OSV:GHSA-HC6C-75P4-HMQ4...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +160 more potentially affected by CVE-2021-29515 via tensorflow-gpu (>=1.10.1 <=2.1.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2021-29515 Source advisory: OSV:GHSA-HC6C-75P4-HMQ4...

brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +3 more potentially affected by CVE-2021-29514 via tensorflow-gpu (>=2.4.0 <=2.4.1)

tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-29514 Source advisory: OSV:GHSA-8H46-5M9H-7553...

d3m-simon (=1.2.5), easyquake (>=1.3.0 <=1.4.0) potentially affected by CVE-2021-29513 via tensorflow-gpu (=2.2.0)

tensorflow-gpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - d3m-simon =1.2.5 - easyquake =1.3.0, =1.4.0 Source cves: CVE-2021-29513 Source advisory: OSV:GHSA-452G-F7FP-9JF7...

deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-29513 via tensorflow-gpu (>=2.3.0 <=2.3.2)

tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-29513 Source advisory: OSV:GHSA-452G-F7FP-9JF7...

brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +3 more potentially affected by CVE-2021-29513 via tensorflow-gpu (>=2.4.0 <=2.4.1)

tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-29513 Source advisory: OSV:GHSA-452G-F7FP-9JF7...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +160 more potentially affected by CVE-2021-29513 via tensorflow-gpu (>=1.10.1 <=2.1.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2021-29513 Source advisory: OSV:GHSA-452G-F7FP-9JF7...

deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-29512 via tensorflow-gpu (>=2.3.0 <=2.3.2)

tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-29512 Source advisory: OSV:GHSA-4278-2V5V-65R4...

brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +3 more potentially affected by CVE-2021-29512 via tensorflow-gpu (>=2.4.0 <=2.4.1)

tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-29512 Source advisory: OSV:GHSA-4278-2V5V-65R4...

4 Android Bugs Being Exploited in the Wild

Google updated its May 3 Android security bulletin on Wednesday to say that there are “indications” that four of the 50 vulnerabilities “may be under limited, targeted exploitation.” That was mostly confirmed by Maddie Stone, a member of Google’s Project Zero exploit research group, who clarified...

USN-4945-2: Linux kernel (Raspberry Pi) vulnerabilities

USN-4945-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. This update provides the corresponding Linux kernel updates targeted specifically for Raspberry Pi devices in those same Ubuntu Releases. Original advisory details: It was discovered that the Nouveau G...