Lucene search
K

14329 matches found

vulnersOsv
vulnersOsv
added 2022/09/16 10:20 p.m.9 views

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35972 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35972 Source advisory: OSV:GHSA-4PC4-M9MJ-V2R9...

7.5CVSS7.1AI score0.00409EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/16 10:20 p.m.5 views

clip-jax (=0.0.5) potentially affected by CVE-2022-35972 via tensorflow-cpu (=2.9.0)

tensorflow-cpu PYPI version =2.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - clip-jax =0.0.5 Source cves: CVE-2022-35972 Source advisory: OSV:GHSA-4PC4-M9MJ-V2R9...

7.5CVSS7.1AI score0.00409EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2022/09/16 10:20 p.m.39 views

TensorFlow vulnerable to segfault in `QuantizedBiasAdd`

Impact If QuantizedBiasAdd is given mininput, maxinput, minbias, maxbias tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.qint32 input = tf.constant85,170,255, shape=3, dtype=tf.quint8 bias =...

7.5CVSS7.2AI score0.00409EPSS
Exploits0References5Affected Software3
vulnersOsv
vulnersOsv
added 2022/09/16 10:20 p.m.5 views

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +98 more potentially affected by CVE-2022-35972 via tensorflow-cpu (>=1.15.0 <=2.7.0)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-35972 Source advisory: OSV:GHSA-4PC4-M9MJ-V2R9...

7.5CVSS7.1AI score0.00409EPSS
Exploits0
OSV
OSV
added 2022/09/16 10:20 p.m.1 views

GHSA-4PC4-M9MJ-V2R9 TensorFlow vulnerable to segfault in `QuantizedBiasAdd`

Impact If QuantizedBiasAdd is given mininput, maxinput, minbias, maxbias tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.qint32 input = tf.constant85,170,255, shape=3, dtype=tf.quint8 bias =...

5.9CVSS5.8AI score0.00409EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/09/16 10:20 p.m.36 views

CVE-2022-35994 `CHECK` fail in `CollectiveGather` in TensorFlow

TensorFlow is an open source platform for machine learning. When CollectiveGather receives an scalar input input, it gives a CHECK fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit c1f491817dec39a26be3c574e86a88c30f3c4770. The fix will be...

5.9CVSS7.6AI score0.00396EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2022/09/16 10:20 p.m.2 views

CVE-2022-35994

TensorFlow is an open source platform for machine learning. When CollectiveGather receives an scalar input input, it gives a CHECK fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit c1f491817dec39a26be3c574e86a88c30f3c4770. The fix will be...

7.5CVSS6.8AI score0.00396EPSS
Exploits0
CVE
CVE
added 2022/09/16 10:20 p.m.93 views

CVE-2022-35994

CVE-2022-35994 is a denial-of-service issue in TensorFlow’s CollectiveGather when given a scalar input. Root cause: a CHECK failure in CollectiveGather. A patch was committed (c1f491817dec39a26be3c574e86a88c30f3c4770) and will be included in TensorFlow 2.10.0; the fix will also be cherry-picked t...

7.5CVSS6.4AI score0.00396EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/09/16 10:20 p.m.18 views

CVE-2022-35994 `CHECK` fail in `CollectiveGather` in TensorFlow

TensorFlow is an open source platform for machine learning. When CollectiveGather receives an scalar input input, it gives a CHECK fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit c1f491817dec39a26be3c574e86a88c30f3c4770. The fix will be...

5.9CVSS7.6AI score0.00396EPSS
Exploits0References4
CVE
CVE
added 2022/09/16 10:20 p.m.107 views

CVE-2022-35993

TensorFlow CVE-2022-35993 concerns a CHECK failure in SetSize when set_shape is not 1D, allowing a denial-of-service condition. The issue is attributed to SetSize input validation and is mitigated by a patch in commit cf70b79d2662c0d3c6af74583641e345fc939467, with fixes planned for TensorFlow 2.1...

7.5CVSS6.4AI score0.00396EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/16 10:20 p.m.36 views

CVE-2022-35993 `CHECK` fail in `SetSize` in TensorFlow

TensorFlow is an open source platform for machine learning. When SetSize receives an input setshape that is not a 1D tensor, it gives a CHECK fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit cf70b79d2662c0d3c6af74583641e345fc939467. The fix...

5.9CVSS7.6AI score0.00396EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2022/09/16 10:20 p.m.4 views

CVE-2022-35993

TensorFlow is an open source platform for machine learning. When SetSize receives an input setshape that is not a 1D tensor, it gives a CHECK fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit cf70b79d2662c0d3c6af74583641e345fc939467. The fix...

7.5CVSS6.8AI score0.00396EPSS
Exploits0
OSV
OSV
added 2022/09/16 10:20 p.m.19 views

CVE-2022-35993 `CHECK` fail in `SetSize` in TensorFlow

TensorFlow is an open source platform for machine learning. When SetSize receives an input setshape that is not a 1D tensor, it gives a CHECK fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit cf70b79d2662c0d3c6af74583641e345fc939467. The fix...

5.9CVSS7.9AI score0.00396EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/09/16 10:20 p.m.34 views

CVE-2022-35992 `CHECK` fail in `TensorListFromTensor` in TensorFlow

TensorFlow is an open source platform for machine learning. When TensorListFromTensor receives an elementshape of a rank greater than one, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 3db59a042a38f4338aa207922fa2f476e000a6ee. The fi...

5.9CVSS7.7AI score0.00396EPSS
Exploits0References2
CVE
CVE
added 2022/09/16 10:20 p.m.93 views

CVE-2022-35992

TensorFlow’s CVE-2022-35992 affects TensorListFromTensor when element_shape has rank &gt; 1, triggering a CHECK failure that can lead to denial of service. The issue is addressed by GitHub commit 3db59a042a38f4338aa207922fa2f476e000a6ee and will be fixed in TensorFlow 2.10.0; Red Hat and IBM advi...

7.5CVSS6.4AI score0.00396EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2022/09/16 10:20 p.m.3 views

CVE-2022-35992

TensorFlow is an open source platform for machine learning. When TensorListFromTensor receives an elementshape of a rank greater than one, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 3db59a042a38f4338aa207922fa2f476e000a6ee. The fi...

7.5CVSS6.8AI score0.00396EPSS
Exploits0
OSV
OSV
added 2022/09/16 10:20 p.m.25 views

CVE-2022-35992 `CHECK` fail in `TensorListFromTensor` in TensorFlow

TensorFlow is an open source platform for machine learning. When TensorListFromTensor receives an elementshape of a rank greater than one, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 3db59a042a38f4338aa207922fa2f476e000a6ee. The fi...

5.9CVSS7.6AI score0.00396EPSS
Exploits0References4
CVE
CVE
added 2022/09/16 10:20 p.m.99 views

CVE-2022-35991

TensorFlow CVE-2022-35991 affects TensorListScatter and TensorListScatterV2 when element_shape has rank greater than one, triggering a CHECK failure that can lead to a denial of service. The issue is documented in OSV entries (BIT-TENSORFLOW-2022-35991) and related advisories, which confirm a pat...

7.5CVSS6.4AI score0.00441EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/16 10:20 p.m.26 views

CVE-2022-35991 `CHECK` fail in `TensorListScatter` and `TensorListScatterV2` in TensorFlow

TensorFlow is an open source platform for machine learning. When TensorListScatter and TensorListScatterV2 receive an elementshape of a rank greater than one, they give a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit...

5.9CVSS7.6AI score0.00441EPSS
Exploits0References2
OSV
OSV
added 2022/09/16 10:20 p.m.21 views

CVE-2022-35991 `CHECK` fail in `TensorListScatter` and `TensorListScatterV2` in TensorFlow

TensorFlow is an open source platform for machine learning. When TensorListScatter and TensorListScatterV2 receive an elementshape of a rank greater than one, they give a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit...

5.9CVSS7.6AI score0.00441EPSS
Exploits0References4
Rows per page
Query Builder