5 matches found
PYSEC-2026-944 Missing validation causes denial of service via `LSTMBlockCell`
Impact The implementation of tf.rawops.LSTMBlockCell does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf tf.rawops.LSTMBlockCell x=tf.constant0.837607, shape=28,29, dtype=tf.float32,...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in GRUBlockCellGrad. PoC func = tf.rawops.GRUBlockCellGrad para = 'x': 21.1, 156.2, 83.3, 115.4, 'hprev': array136.5, 136.6, 'wru': array26.7, 0.8, 47.9, 26.1, 26.2, 26.3, 'wc': array 0.4, 31.5, 0.6, 'bru': array0.1,...
PT-2023-20218
Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.12.0 and 2.11.1 Description TensorFlow, an open source platform for machine learning, has an issue where an out of bounds read occurs in GRUBlockCellGrad. The function tf.raw ops.GRUBlockCellGrad is affected, wit...
GHSA-2VV3-56QG-G2CF Missing validation causes denial of service via `LSTMBlockCell`
Impact The implementation of tf.rawops.LSTMBlockCell does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf tf.rawops.LSTMBlockCell x=tf.constant0.837607, shape=28,29, dtype=tf.float32,...
PT-2022-19452
Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.9.0 TensorFlow versions prior to 2.8.1 TensorFlow versions prior to 2.7.2 TensorFlow versions prior to 2.6.4 Description The implementation of tf.raw ops.LSTMBlockCell does not fully validate the input arguments,...