6 matches found
animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +177 more potentially affected by CVE-2022-29205 via tensorflow-gpu (>=1.10.1 <=2.6.3)
tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-29205 Source advisory: OSV:GHSA-54CH-GJQ5-4976...
rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-29205 via tensorflow-gpu (=2.7.0)
tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-29205 Source advisory:...
lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-29205 via tensorflow-cpu (=2.7.0)
tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-29205 Source advisory: OSV:GHSA-54CH-GJQ5-4976...
CVE-2022-29205 Segfault due to missing support for quantized types in TensorFlow
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling tf.compat.v1. ops which don't yet have support for quantized types, which was added after migration to...
CVE-2022-29205 Segfault due to missing support for quantized types in TensorFlow
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling tf.compat.v1. ops which don't yet have support for quantized types, which was added after migration to...
CVE-2022-29205
TensorFlow CVE-2022-29205 affects the TensorFlow project where calling tf.compat.v1.* ops that do not yet support quantized types can dereference a null value in ParseDimensionValue, leading to a segfault and potential DoS. Public details specify affected versions are prior to 2.9.0, 2.8.1, 2.7.2...