9 matches found
CVE-2022-29192
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.QuantizeAndDequantizeV4Grad does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service...
causalegm (>=0.2.1 <=0.2.5), chrombpnet (>=0.1.0 <=0.1.2) +3 more potentially affected by CVE-2022-29192 via tensorflow-gpu (=2.8.0)
tensorflow-gpu PYPI version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - causalegm =0.2.1, =0.1.0, =0.0.6, =2.3.5, =2.4.1 - tlaunch =0.0.2 Source cves: CVE-2022-29192 Source advisory: OSV:GHSA-H2WQ-PRV9-2...
rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-29192 via tensorflow-gpu (=2.7.0)
tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-29192 Source advisory:...
a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +102 more potentially affected by CVE-2022-29192 via tensorflow-cpu (>=1.15.0 <=2.5.3)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2022-29192 Source advisory: OSV:GHSA-H2WQ-PRV9-2F56...
animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +177 more potentially affected by CVE-2022-29192 via tensorflow-gpu (>=1.10.1 <=2.6.3)
tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-29192 Source advisory: OSV:GHSA-H2WQ-PRV9-2F56...
acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-29192 via tensorflow (>=2.8.0 <=2.8.0rc1)
tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-29192 Source advisory: OSV:GHSA-H2WQ-PRV9-2F56...
Google TensorFlow Input Validation Error Vulnerability (CVE-2022-29192)
Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable to an input validation error in versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which originates in tf.rawops QuantizeAndDequantizeV4Grad does not fully validate the input parameters and c...
CVE-2022-29192
TensorFlow vulnerability CVE-2022-29192 affects tf.raw_ops.QuantizeAndDequantizeV4Grad; it does not fully validate input arguments, causing a CHECK failure that can trigger a denial of service. Affected versions are prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4. A patch exists in 2.9.0 and has been bac...
CVE-2022-29192 Missing validation crashes `QuantizeAndDequantizeV4Grad` in TensorFlow
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.QuantizeAndDequantizeV4Grad does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service...