12 matches found
CVE-2022-29195
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.StagePeek does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. The code...
rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-29195 via tensorflow-gpu (=2.7.0)
tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-29195 Source advisory:...
animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +177 more potentially affected by CVE-2022-29195 via tensorflow-gpu (>=1.10.1 <=2.6.3)
tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-29195 Source advisory: OSV:GHSA-H48F-Q7RW-HVR7...
lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-29195 via tensorflow-cpu (=2.7.0)
tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-29195 Source advisory: OSV:GHSA-H48F-Q7RW-HVR7...
a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +102 more potentially affected by CVE-2022-29195 via tensorflow-cpu (>=1.15.0 <=2.5.3)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2022-29195 Source advisory: OSV:GHSA-H48F-Q7RW-HVR7...
aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +39 more potentially affected by CVE-2022-29195 via tensorflow (>=2.7.0 <=2.7.1)
tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =1.2.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-29195 Source advisory: OSV:GHSA-H48F-Q7RW-HVR7...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4878 more potentially affected by CVE-2022-29195 via tensorflow (>=1.0.1 <=2.6.3)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-29195 Source advisory: OSV:GHSA-H48F-Q7RW-HVR7...
acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-29195 via tensorflow (>=2.8.0 <=2.8.0rc1)
tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-29195 Source advisory: OSV:GHSA-H48F-Q7RW-HVR7...
CVE-2022-29195
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.StagePeek does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. The code...
CVE-2022-29195 Missing validation causes denial of service in TensorFlow via `StagePeek`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.StagePeek does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. The code...
CVE-2022-29195
TensorFlow CVE-2022-29195 concerns a denial-of-service via missing validation in tf.raw_ops.StagePeek. Affected are versions before patches: 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which patch the issue. The vulnerability stems from StagePeek assuming index is a scalar without validating input, leading t...
CVE-2022-29195 Missing validation causes denial of service in TensorFlow via `StagePeek`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.StagePeek does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. The code...