51 matches found
EUVD-2021-0372
Malware in sbrugna...
EUVD-2021-0283
Malware in sbrugna...
EUVD-2022-0296
Malicious code in bioql PyPI...
CVE-2022-21733
Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...
CVE-2021-29541
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in tf.rawops.StringNGrams. This is because the...
BIT-TENSORFLOW-2020-15205 Data leak in Tensorflow
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the datasplits argument of tf.rawops.StringNGrams lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all the binary strings after ...
BIT-TENSORFLOW-2021-29541 Null pointer dereference in `StringNGrams`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in tf.rawops.StringNGrams. This is because the...
BIT-TENSORFLOW-2021-29542 Heap buffer overflow in `StringNGrams`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to tf.rawops.StringNGrams. This is because the...
BIT-TENSORFLOW-2022-21733 Memory exhaustion in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...
SUSE CVE-2020-15205
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the datasplits argument of tf.rawops.StringNGrams lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all the binary strings after ...
SUSE CVE-2021-29541
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in tf.rawops.StringNGrams. This is because the...
SUSE CVE-2022-21733
Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...
GHSA-98J8-C9Q4-R38G Memory exhaustion in Tensorflow
Impact The implementation of StringNGrams can be used to trigger a denial of service attack by causing an OOM condition after an integer overflow: python import tensorflow as tf tf.rawops.StringNGrams data='123456', datasplits=0,1, separator='a'15, ngramwidths=, leftpad='', rightpad='',...
CVE-2022-21733
Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...
PYSEC-2022-112
Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...
PYSEC-2022-57
Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...
PYSEC-2022-112
Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...
CVE-2022-21733 Memory exhaustion in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...
Bad alloc in `StringNGrams` caused by integer conversion
Impact The implementation of tf.rawops.StringNGrams is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. python import tensorflow as tf tf.rawops.StringNGrams data='','', datasplits=0,2, separator...
CVE-2021-37646
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.StringNGrams is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The...