Lucene search
+L

14 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:44 a.m.25 views

CVE-2022-23560

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

8.8CVSS6.5AI score0.00837EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/02/09 11:53 p.m.5 views

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4847 more potentially affected by CVE-2022-23560 via tensorflow (>=1.0.1 <=2.5.2)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-23560 Source advisory: OSV:GHSA-4HVF-HXVG-F67V...

8.8CVSS7.6AI score0.00837EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 11:53 p.m.5 views

alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-23560 via tensorflow (>=2.6.0 <=2.6.2)

tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-23560 Source advisory: OSV:GHSA-4HVF-HXVG-F67V...

8.8CVSS7.2AI score0.00837EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 11:53 p.m.6 views

a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +102 more potentially affected by CVE-2022-23560 via tensorflow-cpu (>=1.15.0 <=2.4.4)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2022-23560 Source advisory: OSV:GHSA-4HVF-HXVG-F67V...

8.8CVSS7.2AI score0.00837EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 11:53 p.m.4 views

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-23560 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-23560 Source advisory:...

8.8CVSS7.2AI score0.00837EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 11:53 p.m.6 views

lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-23560 via tensorflow-cpu (=2.7.0)

tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-23560 Source advisory: OSV:GHSA-4HVF-HXVG-F67V...

8.8CVSS7.2AI score0.00837EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 11:53 p.m.8 views

animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-23560 via tensorflow-gpu (>=2.6.0 <=2.6.2)

tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-23560 Source advisory: OSV:GHSA-4HVF-HXVG-F67V...

8.8CVSS7.2AI score0.00837EPSS
Exploits1
NVD
NVD
added 2022/02/04 11:15 p.m.36 views

CVE-2022-23560

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

8.8CVSS0.00837EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2022/02/04 11:15 p.m.5 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +171 more potentially affected by CVE-2022-23560 via tensorflow-gpu (>=1.10.1 <=2.5.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-23560 Source advisory: OSV:PYSEC-2022-124...

8.8CVSS7.2AI score0.00837EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/04 11:15 p.m.8 views

a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +102 more potentially affected by CVE-2022-23560 via tensorflow-cpu (>=1.15.0 <=2.4.4)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2022-23560 Source advisory: OSV:PYSEC-2022-69...

8.8CVSS7.2AI score0.00837EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/04 11:15 p.m.6 views

animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-23560 via tensorflow-gpu (>=2.6.0 <=2.6.2)

tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-23560 Source advisory: OSV:PYSEC-2022-124...

8.8CVSS7.2AI score0.00837EPSS
Exploits1
CVE
CVE
added 2022/02/04 10:32 p.m.157 views

CVE-2022-23560

CVE-2022-23560 affects TensorFlow/TFLite: a vulnerability in converting sparse tensors to dense tensors allows limited reads/writes outside array bounds due to missing validation in sparsity_format_converter. The issue is addressed with the TensorFlow 2.8.0 fix, with cherry-picks to 2.7.1, 2.6.3,...

8.8CVSS8.6AI score0.00837EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/04 10:32 p.m.5 views

CVE-2022-23560 Read and Write outside of bounds in TFLite

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

8.8CVSS8.6AI score0.00837EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/02/04 10:32 p.m.53 views

CVE-2022-23560 Read and Write outside of bounds in TFLite

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

8.8CVSS8.9AI score0.00837EPSS
Exploits1References3
Rows per page
Query Builder