2 matches found
CVE-2026-32129
soroban-poseidon provides Poseidon and Poseidon2 cryptographic hash functions for Soroban smart contracts. Poseidon V1 PoseidonSponge accepts variable-length inputs without injective padding. When a caller provides fewer inputs than the sponge rate inputs.len k, hashm1, ..., mk equals hashm1, ......
GHSA-J47F-4232-HVV8 Heap out of bounds read in `RaggedCross`
Impact An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to tf.rawops.RaggedCross: python import tensorflow as tf raggedvalues = raggedrowsplits = sparseindices = sparsevalues = sparseshape = denseinputselem = tf.constant, shape=92, 0,...