SUSE CVE-2022-29198

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorToCSRSparseMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service...

GHSA-RC9W-5C64-9VQQ Missing validation results in undefined behavior in `SparseTensorDenseAdd

Impact The implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments: python import tensorflow as tf aindices = tf.constant0, shape=17, 2, dtype=tf.int64 avalues = tf.constant, shape=0, dtype=tf.float32 ashape = tf.constant6, 12, shape=2, dtype=tf.int64 b =...

PYSEC-2021-269

TensorFlow is an end-to-end open source platform for machine learning. When a user does not supply arguments that determine a valid sparse tensor, tf.rawops.SparseTensorSliceDataset implementation can be made to dereference a null pointer. The implementation has some argument validation but fails...

CVE-2021-37647

TensorFlow is an end-to-end open source platform for machine learning. When a user does not supply arguments that determine a valid sparse tensor, tf.rawops.SparseTensorSliceDataset implementation can be made to dereference a null pointer. The implementation has some argument validation but fails...

PYSEC-2021-149

TensorFlow is an end-to-end open source platform for machine learning. If the splits argument of RaggedBincount does not specify a valid SparseTensorhttps://www.tensorflow.org/apidocs/python/tf/sparse/SparseTensor, then an attacker can trigger a heap buffer overflow. This will cause a read from...