CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2022/02/04 12:0 a.m.•2 views

PT-2022-16097 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: During shape inference, TensorFlow can allocate a large vector based on a value...

6.5CVSS6.3AI score0.00808EPSS

Exploits1References13

Positive Technologies•added 2022/02/04 12:0 a.m.•2 views

PT-2022-16089 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier Description: TensorFlow can fail to specialize a type during shape inference. This issue is covered by the DCHECK function, which i...

7.1CVSS6.2AI score0.00968EPSS

Exploits1References13

Prion•added 2022/02/03 2:15 p.m.•17 views

Design/Logic Flaw

Tensorflow is an Open Source Machine Learning Framework. The implementation of Bincount operations allows malicious users to cause denial of service by passing in arguments which would trigger a CHECK-fail. There are several conditions that the input arguments must satisfy. Some are not caught...

4CVSS6.2AI score0.00771EPSS

PyPA•added 2022/02/03 2:15 p.m.•4 views

PYSEC-2022-61

6.5CVSS6.7AI score0.00771EPSS

NVD•added 2022/02/03 12:15 p.m.•28 views

CVE-2022-21731

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ConcatV2 can be used to trigger a denial of service attack via a segfault caused by a type confusion. The axis argument is translated into concatdim in the ConcatShapeHelper helper function. Then, a...

6.5CVSS0.00831EPSS

PyPA•added 2022/02/03 12:15 p.m.•4 views

PYSEC-2022-55

6.5CVSS6.8AI score0.00831EPSS

PyPA•added 2022/02/03 12:15 p.m.•4 views

PYSEC-2022-110

6.5CVSS6.8AI score0.00831EPSS

OSV•added 2022/02/03 12:15 p.m.•6 views

PYSEC-2022-110

6.5CVSS6.6AI score0.00831EPSS

OSV•added 2022/02/03 11:37 a.m.•26 views

CVE-2022-21731 Type confusion leading to segfault in Tensorflow

6.5CVSS6.3AI score0.00831EPSS

Exploits1References6

CVE•added 2022/02/03 11:37 a.m.•108 views

CVE-2022-21731

Technical details are not publicly available in the provided Connected documents. The Initial Description mentions a TensorFlow shape-inference vulnerability but does not specify affected products/versions beyond general references. Monitor for updates and official advisories for precise impact a...

6.5CVSS6.4AI score0.00831EPSS

Cvelist•added 2022/02/03 11:37 a.m.•28 views

CVE-2022-21731 Type confusion leading to segfault in Tensorflow

6.5CVSS6.6AI score0.00831EPSS

Debian CVE•added 2022/02/03 11:37 a.m.•3 views

CVE-2022-21731

6.5CVSS6.8AI score0.00831EPSS

Exploits1

NVD•added 2022/02/03 11:15 a.m.•15 views

CVE-2022-21727

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for Dequantize is vulnerable to an integer overflow weakness. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of dimensions of the...

8.8CVSS0.00649EPSS

Exploits1References3

PyPA•added 2022/02/03 11:15 a.m.•5 views

PYSEC-2022-51

8.8CVSS7.6AI score0.00649EPSS

Prion•added 2022/02/03 11:15 a.m.•22 views

Integer overflow

6.5CVSS8.8AI score0.00649EPSS

OSV•added 2022/02/03 11:15 a.m.•3 views

PYSEC-2022-107

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

8.1CVSS5.9AI score0.01108EPSS

PyPA•added 2022/02/03 11:15 a.m.•6 views

PYSEC-2022-52

8.1CVSS6.8AI score0.01108EPSS