7 matches found
CVE-2020-15212
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to segmentidsdata can alter outputindex and then write to outside of outputdata...
pycnet-audio (>=0.5.1 <=0.5.8) potentially affected by CVE-2020-15212 via tensorflow-cpu (=2.2.0)
tensorflow-cpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - pycnet-audio =0.5.1, =0.5.8 Source cves: CVE-2020-15212 Source advisory: OSV:PYSEC-2020-292...
deep-floorplan (=0.0.0) potentially affected by CVE-2020-15212 via tensorflow-gpu (=2.3.0)
tensorflow-gpu PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - deep-floorplan =0.0.0 Source cves: CVE-2020-15212 Source advisory: OSV:PYSEC-2020-327...
d3m-simon (=1.2.5), easyquake (>=1.3.0 <=1.4.0) potentially affected by CVE-2020-15212 via tensorflow-gpu (=2.2.0)
tensorflow-gpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - d3m-simon =1.2.5 - easyquake =1.3.0, =1.4.0 Source cves: CVE-2020-15212 Source advisory: OSV:GHSA-HX2X-85GR-WRPQ...
accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +82 more potentially affected by CVE-2020-15212 via tensorflow (=2.2.0)
tensorflow PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - accuinsight =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2020-15212 Source advisory...
deep-floorplan (=0.0.0) potentially affected by CVE-2020-15212 via tensorflow-gpu (=2.3.0)
tensorflow-gpu PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - deep-floorplan =0.0.0 Source cves: CVE-2020-15212 Source advisory: OSV:GHSA-HX2X-85GR-WRPQ...
adapt-diagnostics (=1.2.0), adversarial-friend (=1.1.8) +64 more potentially affected by CVE-2020-15212 via tensorflow (=2.3.0)
tensorflow PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - adapt-diagnostics =1.2.0 - adversarial-friend =1.1.8 - aliby-baby =0.1.0, =0.0.1a0, =0.0.1, =1.0.1.0, =0.1.0, =2.0.0, =0.1.0, =0.0.17, =0.1...