Lucene search
K

11 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:29 a.m.3 views

SUSE CVE-2022-21740

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also...

8.8CVSS8.6AI score0.00788EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.4 views

SUSE CVE-2022-23566

Tensorflow is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in Grappler. The setoutput function writes to an array at the specified index. Hence, this gives a malicious user a write primitive. The fix will be included in TensorFlow 2.8.0. We will also...

8.8CVSS8.6AI score0.00924EPSS
Exploits1References3
OSV
OSV
added 2022/02/04 11:15 p.m.4 views

PYSEC-2022-153

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for the same malicious alteration of a SavedModel file fixing the first one would trigger the same...

6.5CVSS5.9AI score0.01097EPSS
Exploits1References5
PyPA
PyPA
added 2022/02/04 11:15 p.m.5 views

PYSEC-2022-137

Tensorflow is an Open Source Machine Learning Framework. The implementation of AssignOp can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized to minimize number of...

8.8CVSS6.9AI score0.00755EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2022/02/04 11:15 p.m.8 views

PYSEC-2022-81

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the DCHECK function however, DCHECK is a no-op in production builds and an assertion failure in debug builds. In the first cas...

6.5CVSS7AI score0.00992EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2022/02/04 10:32 p.m.3 views

CVE-2022-23565

Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a SavedModel on disk such that AttrDefs of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

6.5CVSS6.9AI score0.00469EPSS
Exploits0
Debian CVE
Debian CVE
added 2022/02/04 10:32 p.m.3 views

CVE-2022-23574

Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's SpecializeType which results in heap OOB read/write. Due to a typo, arg is initialized to the ith mutable argument in a loop where the loop index is j. Hence it is possible to assign to arg from outside the...

8.8CVSS6.9AI score0.00837EPSS
Exploits1
Debian CVE
Debian CVE
added 2022/02/04 10:32 p.m.3 views

CVE-2022-23577

Tensorflow is an Open Source Machine Learning Framework. The implementation of GetInitOp is vulnerable to a crash caused by dereferencing a null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, ...

6.5CVSS7AI score0.00783EPSS
Exploits1
PyPA
PyPA
added 2022/02/03 1:15 p.m.6 views

PYSEC-2022-108

Tensorflow is an Open Source Machine Learning Framework. The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlo...

6.5CVSS7.2AI score0.00783EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/02/03 12:15 p.m.5 views

PYSEC-2022-111

Tensorflow is an Open Source Machine Learning Framework. The implementation of ThreadPoolHandle can be used to trigger a denial of service attack by allocating too much memory. This is because the numthreads argument is only checked to not be negative, but there is no upper bound on its value. Th...

6.5CVSS5.9AI score0.00765EPSS
Exploits1References3
PyPA
PyPA
added 2022/02/03 11:15 a.m.8 views

PYSEC-2022-109

Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalAvgPoolGrad does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this...

8.1CVSS6.9AI score0.00815EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder