82 matches found
Design/Logic Flaw
Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also...
PYSEC-2022-64
Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also...
CVE-2022-21740
CVE-2022-21740 concerns TensorFlow’s SparseCountSparseOutput, where the vulnerability is a heap-based overflow in that operation. The issue arises from improper bounds checking in the SparseCountSparseOutput path, enabling heap overflow and potential arbitrary-code execution on affected systems. ...
CVE-2022-21740
Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also...
CVE-2022-21740 Heap overflow in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also...
CVE-2022-21740 Heap overflow in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also...
PYSEC-2022-62
Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this comm...
PYSEC-2022-117
Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this comm...
PYSEC-2022-62
Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this comm...
CVE-2022-21738
TensorFlow CVE-2022-21738 describes an integer overflow in SparseCountSparseOutput (kernels/count_ops.cc) that can crash a TensorFlow process when its result is used for memory allocation. The vulnerability affects TensorFlow releases including 2.5.3, 2.6.3, and 2.7.1, with a fix planned for Tens...
CVE-2022-21738
Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this comm...
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google USA. Google TensorFlow has a buffer overflow vulnerability, which stems from the fact that the implementation of SparseCountSparseOutput is prone to heap overflow and can be exploited by an attacker to cause ...
PT-2022-15081 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: The implementation of SparseCountSparseOutput in TensorFlow is vulnerable to a heap overflow. This issue can be exploited using the...
PT-2022-15078 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The implementation of SparseCountSparseOutput can be made to crash a TensorFlow...
Google TensorFlow heap allocation array out-of-bounds read vulnerability (CNVD-2021-85884)
Google TensorFlow is an end-to-end open source machine learning platform. an out-of-bounds read vulnerability exists in the shape inference function of SparseCountSparseOutput in versions prior to TensorFlow 2.7.0 for heap allocation arrays. No detailed vulnerability details are currently availab...
CVE-2021-41210
TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for SparseCountSparseOutput can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow...
PYSEC-2021-817
TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for SparseCountSparseOutput can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow...
PYSEC-2021-402
TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for SparseCountSparseOutput can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow...
PYSEC-2021-402
TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for SparseCountSparseOutput can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow...
PYSEC-2021-817
TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for SparseCountSparseOutput can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow...