Lucene search
+L

12 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:6 p.m.13 views

CVE-2021-37670

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.UpperBound. The implementation does not validate the rank of sortedinput...

5.5CVSS6.6AI score0.00169EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2021/08/25 2:41 p.m.5 views

alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +52 more potentially affected by CVE-2021-37670 via tensorflow (=2.5.0)

tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 - fancyimpute =0.6.0 and more Source...

5.5CVSS5.8AI score0.00169EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/25 2:41 p.m.4 views

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4761 more potentially affected by CVE-2021-37670 via tensorflow (>=1.0.1 <=2.3.2)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =0.0.1, =0.2.0, =0.6.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2021-37670 Source advisory: OSV:GHSA-9697-98PF-4RW7...

5.5CVSS5.5AI score0.00169EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/25 2:41 p.m.6 views

a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +100 more potentially affected by CVE-2021-37670 via tensorflow-cpu (>=1.15.0 <=2.3.1)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2021-37670 Source advisory: OSV:GHSA-9697-98PF-4RW7...

5.5CVSS5.8AI score0.00169EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/25 2:41 p.m.5 views

complaintclassify (=0.0.9) potentially affected by CVE-2021-37670 via tensorflow-cpu (=2.4.0)

tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-37670 Source advisory: OSV:GHSA-9697-98PF-4RW7...

5.5CVSS5.8AI score0.00169EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/25 2:41 p.m.6 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +164 more potentially affected by CVE-2021-37670 via tensorflow-gpu (>=1.10.1 <=2.3.2)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2021-37670 Source advisory: OSV:GHSA-9697-98PF-4RW7...

5.5CVSS5.8AI score0.00169EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/25 2:41 p.m.8 views

brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +4 more potentially affected by CVE-2021-37670 via tensorflow-gpu (>=2.4.0 <=2.4.2)

tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =0.1.0.dev98, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-37670 Source advisory: OSV:GHSA-9697-98PF-4RW7...

5.5CVSS5.8AI score0.00169EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/12 11:15 p.m.6 views

complaintclassify (=0.0.9) potentially affected by CVE-2021-37670 via tensorflow-cpu (=2.4.0)

tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-37670 Source advisory: OSV:PYSEC-2021-583...

5.5CVSS5.8AI score0.00169EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/12 11:15 p.m.4 views

c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-37670 via tensorflow-cpu (=2.3.1)

tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-37670 Source advisory: OSV:PYSEC-2021-583...

5.5CVSS5.8AI score0.00169EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/12 11:15 p.m.7 views

deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-37670 via tensorflow-gpu (>=2.3.0 <=2.3.2)

tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-37670 Source advisory: OSV:PYSEC-2021-781...

5.5CVSS5.8AI score0.00169EPSS
Exploits0
Cvelist
Cvelist
added 2021/08/12 10:25 p.m.31 views

CVE-2021-37670 Heap OOB in `UpperBound` and `LowerBound` in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.UpperBound. The implementation does not validate the rank of sortedinput...

5.5CVSS6.1AI score0.00169EPSS
Exploits0References2
CVE
CVE
added 2021/08/12 10:25 p.m.108 views

CVE-2021-37670

TensorFlow vulnerability CVE-2021-37670 involves a heap-based out-of-bounds read in tf.raw_ops.UpperBound (and LowerBound) caused by missing rank validation of the sorted_input argument. A patch was committed (commit 42459e4273c2e47a3232cc16c4f4fff3b3a35c38) and the fix is slated for TensorFlow 2...

5.5CVSS5.7AI score0.00169EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder