14329 matches found
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to TensorFlow denial of service vulnerability [CVE-2023-25661]
Summary A potential TensorFlow denial of service, caused by improper input validation by the Convolution3DTranspose function, has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to multiple TensorFlow vulnerabilities.
Summary Multiple TensorFlow vulnerabilities have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-25662 DESCRIPTION: TensorFlow is vulnerable...
autopilotml (>=1.0.1 <=1.0.14), chicken-coop (>=0.0.1 <=0.0.5) +13 more potentially affected by CVE-2024-22415 via jupyter-lsp (>=2.2.0 <=2.2.1)
jupyter-lsp PYPI version =2.2.0, =1.0.1, =0.0.1, =0.0.1, =1.16.0, =0.0.1, =0.0.22, =0.82.0, =1.0.4, =0.1.0.2, =0.0.2, =0.0.12 - zftracker =0.0.3 Source cves: CVE-2024-22415 Source advisory: OSV:GHSA-4QHP-652W-C22X...
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks. The misconfigurations could be abused by an attacker to "conduct a supply chain compromise of...
ml.shifu:shifu-tensorflow-eval (=0.12.0), ml.shifu:shifu-tensorflow-on-yarn (=0.12.0) potentially affected by CVE-2023-7148 via ml.shifu:shifu (=0.12.0)
ml.shifu:shifu MAVEN version =0.12.0 is affected by a known vulnerability. The following packages have a transitive dependency on ml.shifu:shifu and may be impacted: - ml.shifu:shifu-tensorflow-eval =0.12.0 - ml.shifu:shifu-tensorflow-on-yarn =0.12.0 Source cves: CVE-2023-7148 Source advisory:...
Security Bulletin: Multiple Vulnerabilities affecting IBM Watson Studio in Cloud Pak for Data Are Addressed
Summary There are multiple vulnerabilities in Runtimes 22.2 component impacting IBM Watson Studio in Cloud Pak for Data. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-2800 DESCRIPTION: Hugging Face Transformers is vulnerable to a...
GHSA-897X-XVJ8-42RQ Zip slip in mleap
FileUtil.extract enumerates all zip file entries and extracts each file without validating whether file paths in the archive are outside the intended directory. When creating an instance of TensorflowModel using the savedmodel format and an exported tensorflow model, the apply function invokes th...
CVE-2023-5245
FileUtil.extract enumerates all zip file entries and extracts each file without validating whether file paths in the archive are outside the intended directory. When creating an instance of TensorflowModel using the savedmodel format and an exported tensorflow model, the apply function invokes th...
CBL Mariner 2.0 Security Update: tensorflow (CVE-2023-25661)
The version of tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25661 advisory. - TensorFlow is an Open Source Machine Learning Framework. In versions prior to 2.11.1 a malicious invalid...
CVE-2023-46136 vulnerabilities
Vulnerabilities for packages: py3-tensorflow-serving-api, kubeflow-jupyter-web-app, kubeflow-volumes-web-app, py3-werkzeug, kubeflow-pipelines-visualization-server...
CVE-2023-46136 vulnerabilities
Vulnerabilities for packages: py3-tensorflow-serving-api, py3-werkzeug, kubeflow-jupyter-web-app, airflow-core, kubeflow-volumes-web-app, kubeflow-pipelines-visualization-server...
GHSA-HRFV-MQP8-Q5RW vulnerabilities
Vulnerabilities for packages: py3-tensorflow-serving-api, py3-werkzeug, kubeflow-jupyter-web-app, airflow-core, kubeflow-volumes-web-app, kubeflow-pipelines-visualization-server...
GHSA-HRFV-MQP8-Q5RW vulnerabilities
Vulnerabilities for packages: py3-tensorflow-serving-api, kubeflow-jupyter-web-app, kubeflow-volumes-web-app, py3-werkzeug, kubeflow-pipelines-visualization-server...
BIT-2020-15190
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the tf.raw_ops.Switch operation takes as input a tensor and a boolean and outputs two tensors. Depending on the boolean value, one of the tensors is exactly the input tensor whereas the other one should be an empty tensor. Howeve...
BIT-2020-15191
In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to dlpack.to_dlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked. Hence, code...
BIT-2020-15192
In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to dlpack.to_dlpack there is a memory leak following an expected validation failure. The issue occurs because the status argument during validation failures is not properly checked. Since each of the above methods ca...
BIT-2020-15193
In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.to_dlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...
BIT-2020-15194
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the SparseFillEmptyRowsGrad implementation has incomplete validation of the shapes of its arguments. Although reverse_index_map_t and grad_values_t are accessed in a similar pattern, only reverse_index_map_t is validated to be of proper...
BIT-2020-15195
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverse_index_map(i) to be an index outside of bounds of grad_values, thus resulting in a heap buffer overflow. The issue is patched in...
BIT-2020-15196
In Tensorflow version 2.3.0, the SparseCountSparseOutput and RaggedCountSparseOutput implementations don't validate that the weights tensor has the same shape as the data. The check exists for DenseCountSparseOutput, where both tensors are fully specified. In the sparse and ragged count weights a...