Lucene search
K

7075 matches found

Cvelist
Cvelist
added 2021/05/14 7:21 p.m.32 views

CVE-2021-29597 Division by zero in TFLite's implementation of `SpaceToBatchNd`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of the SpaceToBatchNd TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that one dimension of the block input is 0. Hence, the corresponding value in blockshape is...

2.5CVSS7.8AI score0.00201EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/05/14 7:21 p.m.29 views

CVE-2021-29598 Division by zero in TFLite's implementation of `SVDF`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of the SVDF TFLite operator is vulnerable to a division by zero errorhttps://github.com/tensorflow/tensorflow/blob/7f283ff806b2031f407db64c4d3edcda8fb9f9f5/tensorflow/lite/kernels/svdf.ccL99-L102. An attacke...

2.5CVSS7.8AI score0.00201EPSS
Exploits1References2
CVE
CVE
added 2021/05/14 7:21 p.m.97 views

CVE-2021-29598

The CVE-2021-29598 entry concerns TensorFlow’s SVDF TFLite operator, where a division-by-zero can occur if params->rank is 0. The SVDF implementation in TensorFlow Lite is the affected component; the root cause is a rank-dependent modulo check that can fail when rank is 0, leading to a crash/d...

7.8CVSS5.3AI score0.00201EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/05/14 7:21 p.m.30 views

CVE-2021-29599 Division by zero in TFLite's implementation of `Split`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of the Split TFLite operator is vulnerable to a division by zero errorhttps://github.com/tensorflow/tensorflow/blob/e2752089ef7ce9bcf3db0ec618ebd23ea119d0c7/tensorflow/lite/kernels/split.ccL63-L65. An attack...

2.5CVSS7.8AI score0.00209EPSS
Exploits1References2
CVE
CVE
added 2021/05/14 7:21 p.m.87 views

CVE-2021-29599

TensorFlow: Split TFLite operator vulnerability due to division by zero when num_splits == 0. The issue affects the Split path in TensorFlow’s TFLite kernels; an attacker could craft a model triggering the fault. The fix is scheduled for TensorFlow 2.5.0, with cherry-picks to TF 2.4.2, 2.3.3, 2.2...

7.8CVSS5.3AI score0.00209EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/05/14 7:21 p.m.102 views

CVE-2021-29600

Summary: CVE-2021-29600 concerns TensorFlow’s TFLite OneHot operator, where the division-by-zero arises from prefix_dim_size calculation when an indices dimension is 0. This is triggered by crafted models and affects multiple TensorFlow/TFLite release lines, with a fix planned for TensorFlow 2.5....

7.8CVSS5.3AI score0.00201EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/05/14 7:21 p.m.104 views

CVE-2021-29601

TensorFlow/TFLite concatentation is vulnerable to an integer overflow in the TFLite kernel used for concatenation. The issue arises because TFLite uses int for tensor dimensions while TensorFlow uses int64, allowing crafted inputs where a concatenation dimension overflows an int. Public details i...

7.1CVSS6.5AI score0.00192EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/05/14 7:21 p.m.26 views

CVE-2021-29601 Integer overflow in TFLite concatentation

TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of concatenation is vulnerable to an integer overflow issuehttps://github.com/tensorflow/tensorflow/blob/7b7352a724b690b11bfaae2cd54bc3907daf6285/tensorflow/lite/kernels/concatenation.ccL70-L76. An...

6.3CVSS7.2AI score0.00192EPSS
Exploits1References2
CVE
CVE
added 2021/05/14 7:21 p.m.96 views

CVE-2021-29602

The CVE-2021-29602 issue affects TensorFlow’s TFLite DepthwiseConv operator. The vulnerability is a division-by-zero in the DepthwiseConv implementation, triggered when input’s fourth dimension is 0. The root cause and affected code are documented in depthwise_conv.cc, and multiple advisories acr...

5.5CVSS4.7AI score0.00189EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/05/14 7:21 p.m.32 views

CVE-2021-29602 Division by zero in TFLite's implementation of `DepthwiseConv`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of the DepthwiseConv TFLite operator is vulnerable to a division by zero...

2.5CVSS5.6AI score0.00189EPSS
Exploits1References2
CVE
CVE
added 2021/05/14 7:21 p.m.106 views

CVE-2021-29603

CVE-2021-29603 describes a heap out-of-bounds write in the TFLite ArgMin/ArgMax path of TensorFlow’s runtime. A specially crafted TFLite model can trigger the write when axis_value is not in [0, NumDimensions(input)], causing code to write past output_dims->data. Root cause: incorrect handling...

7.8CVSS5.6AI score0.00201EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/05/14 7:21 p.m.94 views

CVE-2021-29604

TensorFlow/TFLite hashtable lookup (HashtableLookup) is affected by a division-by-zero in hashtable_lookup.cc when the first dimension of values is 0. Root cause: num_rows derived from the 0th dimension leads to invalid division. Affected: TensorFlow/TFLite hashtable lookup; fix slated for Tensor...

5.5CVSS4.7AI score0.00189EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/05/14 7:21 p.m.34 views

CVE-2021-29604 Division by zero in TFLite's implementation of hashtable lookup

TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of hashtable lookup is vulnerable to a division by zero errorhttps://github.com/tensorflow/tensorflow/blob/1a8e885b864c818198a5b2c0cbbeca5a1e833bc8/tensorflow/lite/kernels/hashtablelookup.ccL114-L115 ...

2.5CVSS5.6AI score0.00189EPSS
Exploits1References2
CVE
CVE
added 2021/05/14 7:21 p.m.98 views

CVE-2021-29605

CVE-2021-29605 is a TensorFlow/TFLite vulnerability where the TFLiteIntArray allocation path suffers an integer overflow. The function TfLiteIntArrayGetSizeInBytes(int size) can return a negative value when size is large, causing malloc to receive an invalid (potentially non-allocatable) size. Th...

7.1CVSS5.8AI score0.0022EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/05/14 7:21 p.m.29 views

CVE-2021-29606 Heap OOB read in TFLite

TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of...

7.1CVSS7.8AI score0.00215EPSS
Exploits1References2
CVE
CVE
added 2021/05/14 7:21 p.m.85 views

CVE-2021-29607

CVE-2021-29607 is tied to TensorFlow’s SparseAdd validation. The issue arises from incomplete validation of sparse tensor inputs (not checking emptiness or second-dimension_matches size), enabling potential undefined behavior such as null pointer dereferences and heap-out-of-bounds writes. The vu...

7.8CVSS6.3AI score0.00234EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2021/05/14 7:20 p.m.100 views

CVE-2021-29608

TensorFlow CVE-2021-29608 maps to a RaggedTensorToTensor validation flaw: input checks only ensure one tensor is non-empty, enabling potential heap out-of-bounds/NULL dereference undefined behavior in release builds. Multiple sources (NVD, OSV/GHSA advisories) describe a local-attack surface lead...

7.8CVSS6.2AI score0.00234EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2021/05/14 7:20 p.m.89 views

CVE-2021-29609

TensorFlow SparseAdd (CVE-2021-29609) has incomplete validation for sparse tensor inputs, allowing invalid tensor triples to slip through valid code paths. The vulnerability arises from not validating that inputs are non-empty and that the second dimension of *_indices matches the corresponding *...

7.8CVSS6.3AI score0.00234EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2021/05/14 7:20 p.m.107 views

CVE-2021-29610

CVE-2021-29610: TensorFlow QuantizeAndDequantizeV2 accepts axis values

7.8CVSS5.3AI score0.00201EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/05/14 7:20 p.m.19 views

CVE-2021-29610 Invalid validation in `QuantizeAndDequantizeV2`

TensorFlow is an end-to-end open source platform for machine learning. The validation in tf.rawops.QuantizeAndDequantizeV2 allows invalid values for axis argument:. The...

3.6CVSS7.8AI score0.00201EPSS
Exploits1References2
Rows per page
Query Builder