162 matches found
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a buffer overflow vulnerability that can be exploited by an attacker to change the format of the SavedModel on disk to invalidate these assumptions, and then...
PT-2022-16099 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: A malicious user can cause a denial of service by altering a SavedModel such tha...
PT-2022-16096 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The Grappler optimizer in TensorFlow can be used to cause a denial of service by...
Google Tensorflow 安全漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow that could be exploited to trigger a denial of service by changing the SavedModel on disk...
PT-2022-16100 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This...
PT-2022-16094 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: The implementation of GetInitOp is vulnerable to a crash caused by dereferencing a null pointer. This issue can be exploited by a...
PT-2022-16108 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The GraphDef format in TensorFlow does not allow self recursive functions...
Google Tensorflow 安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a security vulnerability that can be exploited by an attacker to cause a denial of service by changing the SavedModel so that it can be asserted in a function...
PT-2022-16103 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: A malicious user can cause a denial of service by altering a SavedModel such tha...
Security update for tensorflow2 (moderate)
openSUSE Security Update: Security update for tensorflow2 Announcement ID: openSUSE-SU-2020:1766-1 Rating: moderate References: 1173314 1175099 1175789 1177022 Cross-References: CVE-2020-15190 CVE-2020-15191 CVE-2020-15192 CVE-2020-15193 CVE-2020-15194 CVE-2020-15195 CVE-2020-15202 CVE-2020-15203...
CVE-2020-15206
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...
PYSEC-2020-286
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...
PYSEC-2020-321
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...
Code injection
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...
PYSEC-2020-286
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...
PYSEC-2020-321
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...
PYSEC-2020-129
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...
CVE-2020-15206
CVE-2020-15206 affects TensorFlow: changing SavedModel protocol buffers and required key names can cause segfaults and data corruption while loading models, leading to a denial of service in inference deployments. The vulnerability was addressed with fixes committed in TF, and TensorFlow versions...
CVE-2020-15206
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...
Denial of Service in Tensorflow
Impact Changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-serving or other inference-as-a-service installments. We have added...