12 matches found
CVE-2021-41227
TensorFlow is an open source platform for machine learning. In affected versions the ImmutableConst operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the tstring TensorFlow string class has a special case for memory mapped strings but the operation...
SUSE CVE-2021-41227
TensorFlow is an open source platform for machine learning. In affected versions the ImmutableConst operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the tstring TensorFlow string class has a special case for memory mapped strings but the operation...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +60 more potentially affected by CVE-2021-41227 via tensorflow (>=2.5.0 <=2.5.1)
tensorflow PYPI version =2.5.0, =0.21.2, =0.0.1, =1.1.0, =0.1.6, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.8.0 and more Source cves: CVE-2021-41227 Source advisory: OSV:GHSA-J8C8-67VP-6MX7...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4817 more potentially affected by CVE-2021-41227 via tensorflow (>=1.0.1 <=2.4.3)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2021-41227 Source advisory: OSV:GHSA-J8C8-67VP-6MX7...
bent (>=0.0.9 <=0.0.80), tensorflow-recommenders-addons-gpu (>=0.3.0 <=0.4.1) potentially affected by CVE-2021-41227 via tensorflow-gpu (=2.5.1)
tensorflow-gpu PYPI version =2.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - bent =0.0.9, =0.3.0, =0.4.1 Source cves: CVE-2021-41227 Source advisory: OSV:GHSA-J8C8-67VP-6MX7...
iqradre (>=0.1.5 <=0.2.1), lurara (>=0.1.0 <=0.1.1) +5 more potentially affected by CVE-2021-41227 via tensorflow-gpu (=2.6.0)
tensorflow-gpu PYPI version =2.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - iqradre =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2021-41227 Source advisory: OSV:GHSA-J8C8-67VP-6MX7...
a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +101 more potentially affected by CVE-2021-41227 via tensorflow-cpu (>=1.15.0 <=2.4.0)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2021-41227 Source advisory: OSV:PYSEC-2021-636...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4817 more potentially affected by CVE-2021-41227 via tensorflow (>=1.0.1 <=2.4.3)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2021-41227 Source advisory: OSV:PYSEC-2021-419...
iqradre (>=0.1.5 <=0.2.1), lurara (>=0.1.0 <=0.1.1) +5 more potentially affected by CVE-2021-41227 via tensorflow-gpu (=2.6.0)
tensorflow-gpu PYPI version =2.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - iqradre =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2021-41227 Source advisory: OSV:PYSEC-2021-834...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +60 more potentially affected by CVE-2021-41227 via tensorflow (>=2.5.0 <=2.5.1)
tensorflow PYPI version =2.5.0, =0.21.2, =0.0.1, =1.1.0, =0.1.6, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.8.0 and more Source cves: CVE-2021-41227 Source advisory: OSV:PYSEC-2021-419...
CVE-2021-41227 Arbitrary memory read in `ImmutableConst`
TensorFlow is an open source platform for machine learning. In affected versions the ImmutableConst operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the tstring TensorFlow string class has a special case for memory mapped strings but the operation...
CVE-2021-41227
TensorFlow CVE-2021-41227 concerns the ImmutableConst operation, which in affected versions can read arbitrary memory due to the tstring class having a special case for memory-mapped strings while the operation does not handle this datatype. The issue is rooted in the mismatch between memory-mapp...