32 matches found
EUVD-2022-7365
Malicious code in bioql PyPI...
CVE-2022-41898
TensorFlow is an open source platform for machine learning. If SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash. We have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8. The fix will be included in TensorFlow 2.11. We will also cherrypick this commi...
SUSE CVE-2020-15194
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the SparseFillEmptyRowsGrad implementation has incomplete validation of the shapes of its arguments. Although reverseindexmapt and gradvaluest are accessed in a similar pattern, only reverseindexmapt is validated to be of proper...
`CHECK` fail via inputs in `SparseFillEmptyRowsGrad` in Tensorflow
...
Google TensorFlow Input Validation Error Vulnerability (CNVD-2023-15776)
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. An input validation error vulnerability exists in Google TensorFlow, which stems from an empty input to SparseFillEmptyRowsGrad. The vulnerability can be exploited to cause the program to crash...
AZL-11537 CVE-2022-41898 affecting package tensorflow for versions less than 2.11.0-1
TensorFlow is an open source platform for machine learning. If SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash. We have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8. The fix will be included in TensorFlow 2.11. We will also cherrypick this commi...
CVE-2022-41898
TensorFlow is an open source platform for machine learning. If SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash. We have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8. The fix will be included in TensorFlow 2.11. We will also cherrypick this commi...
CVE-2022-41898 `CHECK` fail via inputs in `SparseFillEmptyRowsGrad` in Tensorflow
TensorFlow is an open source platform for machine learning. If SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash. We have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8. The fix will be included in TensorFlow 2.11. We will also cherrypick this commi...
CVE-2022-41898 `CHECK` fail via inputs in `SparseFillEmptyRowsGrad` in Tensorflow
TensorFlow is an open source platform for machine learning. If SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash. We have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8. The fix will be included in TensorFlow 2.11. We will also cherrypick this commi...
PT-2022-26129 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.11 TensorFlow versions 2.10.1 and earlier TensorFlow versions 2.9.3 and earlier TensorFlow versions 2.8.4 and earlier Description: The issue occurs when the SparseFillEmptyRowsGrad function is given empty inputs...
CVE-2022-41898
TensorFlow is an open source platform for machine learning. If SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash. We have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8. The fix will be included in TensorFlow 2.11. We will also cherrypick this commi...
Google TensorFlow 安全漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. An input validation error vulnerability exists in Google TensorFlow, which stems from an empty input to SparseFillEmptyRowsGrad. The vulnerability can be exploited to cause the program to crash...
Security update for tensorflow2 (moderate)
openSUSE Security Update: Security update for tensorflow2 Announcement ID: openSUSE-SU-2020:1766-1 Rating: moderate References: 1173314 1175099 1175789 1177022 Cross-References: CVE-2020-15190 CVE-2020-15191 CVE-2020-15192 CVE-2020-15193 CVE-2020-15194 CVE-2020-15195 CVE-2020-15202 CVE-2020-15203...
Unspecified Vulnerability in Google Tensorflow SparseFillEmptyRowsGrad
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Tensorflow SparseFillEmptyRowsGrad versions prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1, 2.3.1, and 2.3.1, which stems from an incomplete validation of the shape of i...
CVE-2020-15195
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...
CVE-2020-15194
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the SparseFillEmptyRowsGrad implementation has incomplete validation of the shapes of its arguments. Although reverseindexmapt and gradvaluest are accessed in a similar pattern, only reverseindexmapt is validated to be of proper...
Heap overflow
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...
PYSEC-2020-118
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...
PYSEC-2020-310
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...
PYSEC-2020-310
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...