Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 11:29 p.m.8 views

CVE-2022-23587

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior...

9.8CVSS6.8AI score0.00888EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2022/02/09 11:27 p.m.56 views

Integer overflow in TensorFlow

Impact Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior. Patches We have patched the issue in GitHub commi...

9.8CVSS2.4AI score0.00888EPSS
Exploits1References7Affected Software3
CNVD
CNVD
added 2022/02/09 12:0 a.m.68 views

Tensorflow Input Validation Error Vulnerability (CNVD-2022-11209)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. An input validation error vulnerability exists in Tensorflow, which stems from the fact that the er component of TensorFlow is prone to integer overflow when estimating the cost of crop and resize, whic...

9.8CVSS3AI score0.00888EPSS
Exploits1References1
OSV
OSV
added 2022/02/04 11:15 p.m.4 views

PYSEC-2022-151

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior...

9.8CVSS7.2AI score0.00888EPSS
Exploits1References3
Prion
Prion
added 2022/02/04 11:15 p.m.24 views

Integer overflow

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior...

7.5CVSS9.4AI score0.00888EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/02/04 10:32 p.m.32 views

CVE-2022-23587 Integer overflow in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior...

8.8CVSS9.8AI score0.00888EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.6 views

Tensorflow 输入验证错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. An input validation error vulnerability exists in Tensorflow, which stems from the fact that the er component of TensorFlow is prone to integer overflow when estimating the cost of crop and resize, whic...

9.8CVSS5.7AI score0.00888EPSS
Exploits1References4
CNVD
CNVD
added 2020/10/23 12:0 a.m.2 views

Google TensorFlow Buffer Overflow Vulnerability (CNVD-2020-62809)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Tensorflow versions prior to 2.4.0, which stems from when the parameter to boxes of tf.image.cropandresize has a very large value, and the CPU kernel...

7.5CVSS7AI score0.00916EPSS
Exploits1References1
PyPA
PyPA
added 2020/10/21 9:15 p.m.8 views

PYSEC-2020-296

In Tensorflow before version 2.4.0, when the boxes argument of tf.image.cropandresize has a very large value, the CPU kernel implementation receives it as a C++ nan floating point value. Attempting to operate on this is undefined behavior which later produces a segmentation fault. The issue is...

7.5CVSS6.8AI score0.00916EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2020/10/21 9:15 p.m.9 views

PYSEC-2020-139

In Tensorflow before version 2.4.0, when the boxes argument of tf.image.cropandresize has a very large value, the CPU kernel implementation receives it as a C++ nan floating point value. Attempting to operate on this is undefined behavior which later produces a segmentation fault. The issue is...

7.5CVSS6.8AI score0.00916EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2020/10/21 9:15 p.m.7 views

PYSEC-2020-331

In Tensorflow before version 2.4.0, when the boxes argument of tf.image.cropandresize has a very large value, the CPU kernel implementation receives it as a C++ nan floating point value. Attempting to operate on this is undefined behavior which later produces a segmentation fault. The issue is...

7.5CVSS6.8AI score0.00916EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2020/10/21 8:30 p.m.2 views

CVE-2020-15266

In Tensorflow before version 2.4.0, when the boxes argument of tf.image.cropandresize has a very large value, the CPU kernel implementation receives it as a C++ nan floating point value. Attempting to operate on this is undefined behavior which later produces a segmentation fault. The issue is...

7.5CVSS6.8AI score0.00916EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2020/10/21 12:0 a.m.4 views

PT-2020-14326 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.4.0 Description: The issue arises when the boxes argument of tf.image.crop and resize has a very large value, causing the CPU kernel implementation to receive it as a C++ nan floating point value. This leads to...

7.5CVSS7.2AI score0.00916EPSS
Exploits1References14
Rows per page
Query Builder