5 matches found
EUVD-2024-2351
Malicious code in bioql PyPI...
TensorFlow has segfault in array_ops.upper_bound
Impact arrayops.upperbound causes a segfault when not given a rank 2 tensor. Patches We have patched the issue in GitHub commit 915884fdf5df34aaedd00fc6ace33a2cfdefa586. The fix will be included in TensorFlow 2.13. We will also cherrypick this commit in TensorFlow 2.12.1. For more information...
CVE-2023-33976 TensorFlow segfault in array_ops.upper_bound
TensorFlow is an end-to-end open source platform for machine learning. arrayops.upperbound causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12...
CVE-2023-33976 TensorFlow segfault in array_ops.upper_bound
TensorFlow is an end-to-end open source platform for machine learning. arrayops.upperbound causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12...
Remote Code Execution (RCE)
tensorflow is vulnerable to Remote Code Execution RCE. The vulnerability is due to the QuantizeAndDequantizeV2/V3/V4/V4Grad functions in arrayops.cc, which allows heap out-of-buffer reads, possibly allowing an attacker to execute malicious code or crash the system...