8 matches found
CVE-2020-15192
In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to dlpack.todlpack there is a memory leak following an expected validation failure. The issue occurs because the status argument during validation failures is not properly checked. Since each of the above methods ca...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +163 more potentially affected by CVE-2020-15192 via tensorflow-gpu (>=1.10.1 <=2.2.0)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2020-15192 Source advisory: OSV:PYSEC-2020-307...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4695 more potentially affected by CVE-2020-15192 via tensorflow (>=1.0.1 <=2.2.0)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =0.0.1, =0.2.0, =0.6.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2020-15192 Source advisory: OSV:PYSEC-2020-115...
CVE-2020-15192
CVE-2020-15192 affects TensorFlow and is a memory leak in the dlpack.to_dlpack path when a list of strings is passed. Root cause: the status argument used during validation failures isn’t checked, allowing a potentially failing status to be ignored and leading to memory leakage. Affected: TensorF...
accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +82 more potentially affected by CVE-2020-15192 via tensorflow (=2.2.0)
tensorflow PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - accuinsight =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2020-15192 Source advisory...
deep-floorplan (=0.0.0) potentially affected by CVE-2020-15192 via tensorflow-gpu (=2.3.0)
tensorflow-gpu PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - deep-floorplan =0.0.0 Source cves: CVE-2020-15192 Source advisory: OSV:GHSA-8FXW-76PX-3RXV...
pycnet-audio (>=0.5.1 <=0.5.8) potentially affected by CVE-2020-15192 via tensorflow-cpu (=2.2.0)
tensorflow-cpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - pycnet-audio =0.5.1, =0.5.8 Source cves: CVE-2020-15192 Source advisory: OSV:GHSA-8FXW-76PX-3RXV...
adapt-diagnostics (=1.2.0), adversarial-friend (=1.1.8) +64 more potentially affected by CVE-2020-15192 via tensorflow (=2.3.0)
tensorflow PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - adapt-diagnostics =1.2.0 - adversarial-friend =1.1.8 - aliby-baby =0.1.0, =0.0.1a0, =0.0.1, =1.0.1.0, =0.1.0, =2.0.0, =0.1.0, =0.0.17, =0.1...