CVE-2022-23560

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

Out-of-bounds Write

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Out-of-bounds Write via the todense function in the Completions API endpoint when processing user-supplied prompt embeddings. An attacker can achiev...

vLLM deserialization vulnerability leading to DoS and potential RCE

Summary A memory corruption vulnerability that leading to a crash denial-of-service and potentially remote code execution RCE exists in vLLM versions 0.10.2 and later, in the Completions API endpoint. When processing user-supplied prompt embeddings, the endpoint loads serialized tensors using...

BIT-PYTORCH-2025-55560

An issue in pytorch v2.7.0 can lead to a Denial of Service DoS when a PyTorch model consists of torch.Tensor.tosparse and torch.Tensor.todense and is compiled by Inductor...

Unspecified Vulnerability in PyTorch (CNVD-2025-23278)

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a security vulnerability that stems from mishandling when compiling models containing torch.Tensor.tosparse and torch.Tensor.todense, which can be exploited by an attacker to cause a denial of service...

DEBIAN-CVE-2025-55560

An issue in pytorch v2.7.0 can lead to a Denial of Service DoS when a PyTorch model consists of torch.Tensor.tosparse and torch.Tensor.todense and is compiled by Inductor...

PYSEC-2025-209

An issue in pytorch v2.7.0 can lead to a Denial of Service DoS when a PyTorch model consists of torch.Tensor.tosparse and torch.Tensor.todense and is compiled by Inductor...

CVE-2025-55560

An issue in pytorch v2.7.0 can lead to a Denial of Service DoS when a PyTorch model consists of torch.Tensor.tosparse and torch.Tensor.todense and is compiled by Inductor...

CVE-2025-55560

CVE-2025-55560 affects PyTorch where a model using torch.Tensor.to_sparse() and torch.Tensor.to_dense() compiled by Inductor can cause a DoS. Connected advisories specify affected package versions: PyTorch < 2.0.0-11 and PyTorch

SUSE CVE-2022-23560

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

GHSA-4HVF-HXVG-F67V Read and Write outside of bounds in TensorFlow

Impact An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. Patches We have patched the issue in GitHub commit 6364463d6f5b6254cac3d6aedf999b6a96225038...

PYSEC-2022-124

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

PYSEC-2022-69

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

PT-2022-16076 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions 2.5.3 through 2.7.1 TensorFlow version 2.8.0 is not affected, as it includes the fix. Description: An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits...