CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2021/08/12 10:15 p.m.•19 views

PYSEC-2021-584

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.Map and tf.rawops.OrderedMap operations. The implementation has a check in place to ensure that indices is in...

7.8CVSS2.3AI score0.00173EPSS

CVE•added 2021/08/12 10:0 p.m.•86 views

CVE-2021-37681

CVE-2021-37681 affects TensorFlow (SVDF in TFLite); root cause is a potential null dereference where GetVariableInput can return nullptr and GetTensorData assumes a valid tensor. A fix was committed (5b048e87e4e55990dae6b547add4dae59f4e1c76) and will be included in TensorFlow 2.6.0, with cherry-p...

CVE•added 2021/08/12 10:0 p.m.•102 views

CVE-2021-37689

CVE-2021-37689 : In TensorFlow’s TFLite MLIR optimizations, the L2NormalizeReduceAxis path dereferences a vector iterator without checking for elements, enabling a local attack to crash the process (DoS) via a crafted TFLite model. A patch was applied in the referenced GitHub commit (d6b57f461b39...

7.8CVSS5.6AI score0.00165EPSS

Cvelist•added 2021/08/12 10:0 p.m.•17 views

CVE-2021-37688 Null pointer dereference in TensorFlow Lite

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. The implementation unconditionally dereferences a pointer. We have...

7.8CVSS8AI score0.00165EPSS

CVE•added 2021/08/12 9:55 p.m.•99 views

CVE-2021-37686

CVE-2021-37686 – TensorFlow TFLite infinite loop in strided_slice . The issue is in the TFLite strided_slice implementation where the new ellipsis in axis definitions can cause ellipsis_end_idx to be smaller than i. This prevents the inner loop from advancing i, and a continued loop skips the out...

5.5CVSS5.7AI score0.00173EPSS

CVE•added 2021/08/12 9:45 p.m.•75 views

CVE-2021-37680

CVE-2021-37680 affects TensorFlow/TSLite, where the division-by-zero vulnerability resides in the implementation of fully connected layers in TFLite. The issue is triggered by a crafted input causing batch_size calculation (input_size / filter->dims->data[1]) to divide by zero. A patch is p...

5.5CVSS5.6AI score0.00152EPSS

Cvelist•added 2021/08/12 9:45 p.m.•26 views

CVE-2021-37680 Division by zero in TFLite in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of fully connected layers in TFLite is vulnerable to a division by zero error. We have patched the issue in GitHub commit 718721986aa137691ee23f03638867151f74935f. The fix will be includ...

5.5CVSS6.1AI score0.00152EPSS

CVE•added 2021/08/12 9:45 p.m.•107 views

CVE-2021-37675

CVE-2021-37675 : TensorFlow denial-of-service caused by a division-by-zero in the shape inference path of most convolution operators. Root cause: missing validations before divisions/modulo in the common_shape_fns.cc implementation. Patch is in commit 8a793b5d7f59e37ac7f3cd0954a750a2fe76bad4 and ...

5.5CVSS5.5AI score0.0016EPSS

CVE•added 2021/08/12 9:40 p.m.•85 views

CVE-2021-37676

TensorFlow CVE-2021-37676 involves a vulnerability in SparseFillEmptyRows where the shape-inference code can bind a null pointer, causing undefined behavior. The issue has been patched in a GitHub commit and the fix is scheduled for TensorFlow 2.6.0, with cherry-picks to 2.5.1, 2.4.3, and 2.3.4 (...

Cvelist•added 2021/08/12 9:40 p.m.•18 views

CVE-2021-37676 Reference binding to nullptr in shape inference in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.SparseFillEmptyRows. The shape inference implementation does not validate that the input arguments are not empt...

7.8CVSS8AI score0.00173EPSS

CVE•added 2021/08/12 9:40 p.m.•91 views

CVE-2021-37671

TensorFlow CVE-2021-37671 describes a local-issue in tf.raw_ops.Map* and tf.raw_ops.OrderedMap* where binding a reference to a null pointer can occur if indices is empty, due to a missing check despite a ascending-order validation. The publicly documented fix was committed (532f5c5a…) and will be...

Cvelist•added 2021/08/12 9:40 p.m.•17 views

CVE-2021-37671 Reference binding to nullptr in map operations in TensorFlow

7.8CVSS8AI score0.00173EPSS

CVE•added 2021/08/12 9:40 p.m.•93 views

CVE-2021-37666

CVE-2021-37666 is a TensorFlow vulnerability in RaggedTensorToVariant where binding a reference to a null pointer occurs due to incomplete validation of splits values. The issue is addressed by the GitHub patch be7a4de6adfbd303ce08be4332554dff70362612, with the fix scheduled for TensorFlow 2.6.0 ...

7.8CVSS7.7AI score0.00173EPSS

Cvelist•added 2021/08/12 9:40 p.m.•28 views

CVE-2021-37666 Reference binding to nullptr in `RaggedTensorToVariant` in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToVariant. The implementation has an incomplete validation of the splits values, missing the case...

7.8CVSS8AI score0.00173EPSS

CVE•added 2021/08/12 9:40 p.m.•97 views

CVE-2021-37667

TensorFlow: CVE-2021-37667 involves a NULL pointer dereference in UnicodeEncode where the code reads input_splits[0] before validating emptiness. A patch is in commit 2e0ee46f..., fixes to be included in TensorFlow 2.6.0 and backported to 2.5.1, 2.4.3, and 2.3.4. Affected: tf.raw_ops.UnicodeEncod...

CVE•added 2021/08/12 9:15 p.m.•91 views

CVE-2021-37648

TensorFlow SaveV2 input validation flaw (tf.raw_ops.SaveV2) allows a local attacker to trigger a NULL pointer dereference due to improper input validation in ValidateInputs. The issue was fixed in TensorFlow 2.6.0 (commit 9728c60e...); backports were planned for 2.5.1, 2.4.3, and 2.3.4. Affected ...

7.8CVSS7.6AI score0.00186EPSS

Cvelist•added 2021/08/12 9:15 p.m.•18 views

CVE-2021-37648 Incorrect validation of `SaveV2` inputs in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the code for tf.rawops.SaveV2 does not properly validate the inputs and an attacker can trigger a null pointer dereference. The implementation uses ValidateInputs to check that the input arguments are vali...

7.8CVSS8AI score0.00186EPSS

CVE•added 2021/08/12 9:15 p.m.•84 views

CVE-2021-37652

TensorFlow Bug: BoostedTreesCreateEnsemble uses a reference-counted resource that was refactored to a smart pointer; when initialization fails, a later scope exit frees the resource even if its refcount is 0, causing a use-after-free. A patch (commit 5ecec9c6fbdbc6be03295685190a45e7eee726ab) fixe...

7.8CVSS7.8AI score0.00173EPSS

Cvelist•added 2021/08/12 9:15 p.m.•24 views

CVE-2021-37652 Use after free in boosted trees creation in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for tf.rawops.BoostedTreesCreateEnsemble can result in a use after free error if an attacker supplies specially crafted arguments. The implementation uses a reference counted resource an...

7.8CVSS8.1AI score0.00173EPSS