Lucene search
K

9 matches found

vulnersOsv
vulnersOsv
added 2022/02/09 11:27 p.m.5 views

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-23587 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-23587 Source advisory:...

9.8CVSS7.2AI score0.00888EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 11:27 p.m.9 views

aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +38 more potentially affected by CVE-2022-23587 via tensorflow (>=2.7.0 <=2.7.0rc1)

tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-23587 Source advisory: OSV:GHSA-8JJ7-5VXC-PG2Q...

9.8CVSS7.2AI score0.00888EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 11:27 p.m.5 views

alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-23587 via tensorflow (>=2.6.0 <=2.6.2)

tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-23587 Source advisory: OSV:GHSA-8JJ7-5VXC-PG2Q...

9.8CVSS7.2AI score0.00888EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 11:27 p.m.5 views

lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-23587 via tensorflow-cpu (=2.7.0)

tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-23587 Source advisory: OSV:GHSA-8JJ7-5VXC-PG2Q...

9.8CVSS7.2AI score0.00888EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 11:27 p.m.7 views

a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +102 more potentially affected by CVE-2022-23587 via tensorflow-cpu (>=1.15.0 <=2.4.4)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2022-23587 Source advisory: OSV:GHSA-8JJ7-5VXC-PG2Q...

9.8CVSS7.2AI score0.00888EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/04 11:15 p.m.5 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +171 more potentially affected by CVE-2022-23587 via tensorflow-gpu (>=1.10.1 <=2.5.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-23587 Source advisory: OSV:PYSEC-2022-151...

9.8CVSS7.2AI score0.00888EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/04 11:15 p.m.4 views

animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-23587 via tensorflow-gpu (>=2.6.0 <=2.6.2)

tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-23587 Source advisory: OSV:PYSEC-2022-151...

9.8CVSS7.2AI score0.00888EPSS
Exploits1
CVE
CVE
added 2022/02/04 10:32 p.m.124 views

CVE-2022-23587

CVE-2022-23587 concerns TensorFlow, specifically the Grappler cost-estimator path. The vulnerability is an integer overflow in the cost estimation for crop and resize within Grappler, triggered by user-controlled cropping parameters, which can lead to undefined behavior. The patch is committed (c...

9.8CVSS9.2AI score0.00888EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/04 10:32 p.m.6 views

CVE-2022-23587 Integer overflow in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior...

8.8CVSS9.5AI score0.00888EPSS
Exploits1References3
Rows per page
Query Builder