SUSE CVE-2017-5849

tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote attackers to cause a denial of service out-of-bounds read and write via a crafted tiff image file, related to transposing width and height values...

SUSE CVE-2018-6392

The filterslice function in libavfilter/vftranspose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service out-of-array access via a crafted MP4 file...

SUSE CVE-2021-41216

TensorFlow is an open source platform for machine learning. In affected versions the shape inference function for Transpose is vulnerable to a heap buffer overflow. This occurs whenever perm contains negative elements. The shape inference function does not validate that the indices in perm are al...

Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite

...

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow. The reference kernel of the CONV3DTRANSPOSE TensorFlow Lite operator wrongly increments the dataptr when adding the bias to the result. Instead of dataptr += numchannels; it should be dataptr += outputnumchannels; as if...

AZL-11532 CVE-2022-41894 affecting package tensorflow for versions less than 2.11.0-1

TensorFlow is an open source platform for machine learning. The reference kernel of the CONV3DTRANSPOSE TensorFlow Lite operator wrongly increments the dataptr when adding the bias to the result. Instead of dataptr += numchannels; it should be dataptr += outputnumchannels; as if the number of inp...

Google TensorFlow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which stems from a reference kernel for the CONV3DTRANSPOSE TensorFlow Lite operator that incorrectly adds dataptr when adding bias to results...

PT-2022-26125 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.11 TensorFlow versions 2.10.1 and earlier TensorFlow versions 2.9.3 and earlier TensorFlow versions 2.8.4 and earlier Description: The reference kernel of the CONV 3D TRANSPOSE TensorFlow Lite operator wrongly...

CVE-2022-41894

TensorFlow is an open source platform for machine learning. The reference kernel of the CONV3DTRANSPOSE TensorFlow Lite operator wrongly increments the dataptr when adding the bias to the result. Instead of dataptr += numchannels; it should be dataptr += outputnumchannels; as if the number of inp...

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google Inc. in the United States. Google TensorFlow suffers from an input validation error vulnerability that stems from a segmentation error in the converter and crashes the Python process when using a...

Huawei MindSpore Community Transpose信息泄露漏洞

Huawei MindSpore Community, an open source deep learning framework from Huawei, China, is vulnerable to an information disclosure vulnerability in Huawei MindSpore Community Transpose, which results from accessing sensitive data when the value in the perm element is greater than or equal to the...

CVE-2021-33649

When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the inputshape, it will access data outside of bounds of inputshape which allocated from heap buffers...

CVE-2021-33649

When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the inputshape, it will access data outside of bounds of inputshape which allocated from heap buffers...

Heap overflow

When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the inputshape, it will access data outside of bounds of inputshape which allocated from heap buffers...

CVE-2021-33649

The CVE-2021-33649 issue affects Huawei MindSpore Community’s Transpose operator. When performing the inference shape operation, if the perm element value is greater than or equal to the input_shape size, the implementation may access data outside the heap-allocated input_shape buffers, potential...

CVE-2021-33649

When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the inputshape, it will access data outside of bounds of inputshape which allocated from heap buffers...

Huawei MindSpore Community 缓冲区错误漏洞

Huawei MindSpore Community, an open source deep learning framework from Huawei, China, is vulnerable to an information disclosure vulnerability in Huawei MindSpore Community Transpose, which results from accessing sensitive data when the value in the perm element is greater than or equal to the...

GHSA-3FF2-R28G-W7H9 Heap buffer overflow in `Transpose`

Impact The shape inference function for Transpose is vulnerable to a heap buffer overflow: python import tensorflow as tf @tf.function def test: y = tf.rawops.Transposex=1,2,3,4,perm=-10 return y test This occurs whenever perm contains negative elements. The shape inference function does not...

Heap buffer overflow in `Transpose`

Impact The shape inference function for Transpose is vulnerable to a heap buffer overflow: python import tensorflow as tf @tf.function def test: y = tf.rawops.Transposex=1,2,3,4,perm=-10 return y test This occurs whenever perm contains negative elements. The shape inference function does not...

Google TensorFlow buffer overflow vulnerability (CNVD-2021-87050)

Google TensorFlow is an end-to-end open source platform for machine learning from Google Google. Google TensorFlow is vulnerable to a buffer overflow vulnerability that stems from Transpose's shape inference function being vulnerable to a heap buffer overflow. No details of the vulnerability are...