9 matches found
Security Bulletin: Multiple vulnerabilities fixed in IBM Maximo Application Suite Monitor
Summary IBM Maximo Application Suite Monitor is vulnerable to Multiple vulnerabilities. See Vulnerability Details. This has been addressed in each of the components; refer to the Remediation section for details. Vulnerability Details CVEID: CVE-2020-15265 DESCRIPTION: Tensorflow is vulnerable to ...
Security Bulletin: TensorFlow in Watson Machine Learning Community Edition 1.6.2 and 1.7.0 has been patched for various security issues.
Summary TensorFlow in Watson Machine Learning Community Edition 1.6.2 and 1.7.0 has had various CVE reported against it and have been patched. Users should update to the latest available TensorFlow package. Vulnerability Details CVEID: CVE-2020-15265 DESCRIPTION: Tensorflow is vulnerable to a...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4779 more potentially affected by CVE-2020-15265 via tensorflow (>=1.0.1 <=2.3.4)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2020-15265 Source advisory: OSV:GHSA-RRFP-J2MP-HQ9C...
a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +100 more potentially affected by CVE-2020-15265 via tensorflow-cpu (>=1.15.0 <=2.3.1)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2020-15265 Source advisory: OSV:GHSA-RRFP-J2MP-HQ9C...
CVE-2020-15265
In Tensorflow before version 2.4.0, an attacker can pass an invalid axis value to tf.quantization.quantizeanddequantize. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dimsize only does a DCHECK to validate the argument and th...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4779 more potentially affected by CVE-2020-15265 via tensorflow (>=1.0.1 <=2.3.4)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2020-15265 Source advisory: OSV:PYSEC-2020-138...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +164 more potentially affected by CVE-2020-15265 via tensorflow-gpu (>=1.10.1 <=2.3.4)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2020-15265 Source advisory: OSV:PYSEC-2020-330...
CVE-2020-15265
TensorFlow before 2.4.0 is affected by CVE-2020-15265: passing an invalid axis to tf.quantization.quantize_and_dequantize can trigger a segfault due to a DCHECK in dim_size, potentially crashing the C++ kernel. The issue is patched in commit eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow...
CVE-2020-15265 Segfault in Tensorflow
In Tensorflow before version 2.4.0, an attacker can pass an invalid axis value to tf.quantization.quantizeanddequantize. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dimsize only does a DCHECK to validate the argument and th...