PT-2023-23229 · Apache · Apache Inlong

Name of the Vulnerable Software and Affected Versions: Apache InLong versions 1.4.0 through 1.6.0 Description: The issue affects Apache InLong, allowing attackers to change the immutable name and type of nodes. This can be exploited by attackers, but there is no information provided about the...

PYSEC-2022-116

Tensorflow is an Open Source Machine Learning Framework. The implementation of Bincount operations allows malicious users to cause denial of service by passing in arguments which would trigger a CHECK-fail. There are several conditions that the input arguments must satisfy. Some are not caught...

PYSEC-2021-475

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a segfault and denial of service via accessing data outside of bounds in tf.rawops.QuantizedBatchNormWithGlobalNormalization. This is because the...

PT-2021-18297 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.1.4 through 2.4.2 Description: An attacker can trigger an integer division by zero undefined behavior in tf.raw ops.QuantizedBiasAdd. This is because the implementation of the Eigen...

PT-2021-18349 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2, 2.3.3, 2.2.3, and 2.1.4 are also affected Description: The implementation of the SVDF TFLite operator in TensorFlow is vulnerable to a division by zero error. An attacker can craft...