Security Bulletin: For IBM Cloudpak for Watson AIOPS 3.5.1

Summary This SB contains a list for all CVE's listed here - CVE-2022-36083, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2021-21797, CVE-2022-35941, CVE-2021-42248, CVE-2021-42836, CVE-2022-40186, CVE-2022-41316, CVE-2021-36090, CVE-2020-29529, CVE-2020-7219 fixed in 3.5.1 Vulnerability...

CBL Mariner 2.0 Security Update: clang16 / llvm16 / tensorflow (CVE-2023-29941)

The version of clang16 / llvm16 / tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-29941 advisory. - llvm-project commit a0138390 was discovered to contain a segmentation fault via the...

Azure Linux 3.0 Security Update: clang16 / llvm16 / tensorflow (CVE-2023-29941)

The version of clang16 / llvm16 / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-29941 advisory. - llvm-project commit a0138390 was discovered to contain a segmentation fault via the...

Security Bulletin: Vulnerability in TensorFlow affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.

Summary Potential vulnerability in TensorFlow has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.. The vulnerability have been addressed. Refer to details for additional information...

CVE-2025-27516 vulnerabilities

Vulnerabilities for packages: grafana-oncall, jupyter-base-notebook, tensorflow-cpu-jupyter, checkov, reflex...

GHSA-CPWX-VRP4-4PQ7 vulnerabilities

Vulnerabilities for packages: grafana-oncall, jupyter-base-notebook, tensorflow-cpu-jupyter, checkov, reflex...

CVE-2024-6923 affecting package tensorflow for versions less than 2.16.1-9

CVE-2024-6923 affecting package tensorflow for versions less than 2.16.1-9. A patched version of the package is available...

CVE-2024-5569 affecting package tensorflow for versions less than 2.16.1-9

CVE-2024-5569 affecting package tensorflow for versions less than 2.16.1-9. A patched version of the package is available...

Azure Linux 3.0 Security Update: python3 (CVE-2024-6923)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6923 advisory. - There is a MEDIUM severity vulnerability affecting CPython. The email module didn't properly quote newlines...

Azure Linux 3.0 Security Update: libpng / tensorflow (CVE-2022-3857)

The version of libpng / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3857 advisory. - libpng: Null pointer dereference leads to segmentation fault CVE-2022-3857 Note that Nessus has...

Azure Linux 3.0 Security Update: python3 / tensorflow (CVE-2024-6232)

The version of python3 / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6232 advisory. - There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed...

Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-27534)

The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27534 advisory. - A path traversal vulnerability exists in curl 8.0.0 SFTP implementation...

Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-27535)

The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27535 advisory. - An authentication bypass vulnerability exists in libcurl 8.0.0 in the FTP...

Azure Linux 3.0 Security Update: python-requests / tensorflow (CVE-2024-35195)

The version of python-requests / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35195 advisory. - Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests...

Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-28320)

The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-28320 advisory. - A denial of service vulnerability exists in curl v8.1.0 in the way libcurl...

Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-27533)

The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27533 advisory. - A vulnerability in input validation exists in curl 8.0 during communicatio...

CVE-2021-37637

TensorFlow is an end-to-end open source platform for machine learning. It is possible to trigger a null pointer dereference in TensorFlow by passing an invalid input to tf.rawops.CompressElement. The implementation was accessing the size of a buffer obtained from the return of a separate function...

CVE-2021-37655

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a read from outside of bounds of heap allocated data by sending invalid arguments to tf.rawops.ResourceScatterUpdate. The implementation has an incomplete validation of the...

CVE-2021-37664

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to BoostedTreesSparseCalculateBestFeatureSplit. The implementation needs to validate that...

CVE-2021-37651

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for tf.rawops.FractionalAvgPoolGrad can be tricked into accessing data outside of bounds of heap allocated buffers. The implementation does not validate that the input tensor is non-empt...