7 matches found
CVE-2022-29203
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SpaceToBatchND in all backends such as XLA and handwritten kernels is vulnerable to an integer overflow: The result of this integer overflow is used to...
lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-29203 via tensorflow-cpu (=2.7.0)
tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-29203 Source advisory: OSV:GHSA-JJM6-4VF7-CJH4...
rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-29203 via tensorflow-gpu (=2.7.0)
tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-29203 Source advisory:...
causalegm (>=0.2.1 <=0.2.5), chrombpnet (>=0.1.0 <=0.1.2) +3 more potentially affected by CVE-2022-29203 via tensorflow-gpu (=2.8.0)
tensorflow-gpu PYPI version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - causalegm =0.2.1, =0.1.0, =0.0.6, =2.3.5, =2.4.1 - tlaunch =0.0.2 Source cves: CVE-2022-29203 Source advisory: OSV:GHSA-JJM6-4VF7-C...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4878 more potentially affected by CVE-2022-29203 via tensorflow (>=1.0.1 <=2.6.3)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-29203 Source advisory: OSV:GHSA-JJM6-4VF7-CJH4...
CVE-2022-29203 Integer overflow in `SpaceToBatchND` in TensorFlow
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SpaceToBatchND in all backends such as XLA and handwritten kernels is vulnerable to an integer overflow: The result of this integer overflow is used to...
CVE-2022-29203
CVE-2022-29203 describes an integer overflow in TensorFlow’s tf.raw_ops.SpaceToBatchND across backends (XLA and handwritten kernels) that can cause a denial of service via a CHECK failure when allocating the output tensor. Affected versions are prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4. The documen...