10 matches found
CVE-2022-35941
TensorFlow is an open source platform for machine learning. The AvgPoolOp function takes an argument ksize that must be positive but is not checked. A negative ksize can trigger a CHECK failure and crash the program. We have patched the issue in GitHub commit...
Security Bulletin: For IBM Cloudpak for Watson AIOPS 3.5.1
Summary This SB contains a list for all CVE's listed here - CVE-2022-36083, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2021-21797, CVE-2022-35941, CVE-2021-42248, CVE-2021-42836, CVE-2022-40186, CVE-2022-41316, CVE-2021-36090, CVE-2020-29529, CVE-2020-7219 fixed in 3.5.1 Vulnerability...
FreeBSD : py-tensorflow -- unchecked argument causing crash (52311651-f100-4720-8c62-0887dad6d321)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 52311651-f100-4720-8c62-0887dad6d321 advisory. - TensorFlow is an open source platform for machine learning. The AvgPoolOp function takes an argument...
aggmap (>=1.1.1 <=1.2.1), molmap (>=1.3.1 <=1.4.0) potentially affected by CVE-2022-35941 via tensorflow-gpu (=2.9.1)
tensorflow-gpu PYPI version =2.9.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - aggmap =1.1.1, =1.3.1, =1.4.0 Source cves: CVE-2022-35941 Source advisory: OSV:GHSA-MGMH-G2V6-MQW5...
causalegm (>=0.2.1 <=0.2.5), chrombpnet (>=0.1.0 <=0.1.2) +3 more potentially affected by CVE-2022-35941 via tensorflow-gpu (=2.8.0)
tensorflow-gpu PYPI version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - causalegm =0.2.1, =0.1.0, =0.0.6, =2.3.5, =2.4.1 - tlaunch =0.0.2 Source cves: CVE-2022-35941 Source advisory: OSV:GHSA-MGMH-G2V6-M...
clip-jax (=0.0.5), sdeper (>=1.1.0 <=1.6.1) potentially affected by CVE-2022-35941 via tensorflow-cpu (>=2.9.0 <=2.9.1)
tensorflow-cpu PYPI version =2.9.0, =1.1.0, =1.6.1 Source cves: CVE-2022-35941 Source advisory: OSV:GHSA-MGMH-G2V6-MQW5...
acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35941 via tensorflow (>=2.8.0 <=2.8.0rc1)
tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35941 Source advisory: OSV:GHSA-MGMH-G2V6-MQW5...
animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +183 more potentially affected by CVE-2022-35941 via tensorflow-gpu (>=1.10.1 <=2.7.0)
tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-35941 Source advisory: OSV:GHSA-MGMH-G2V6-MQW5...
CVE-2022-35941
CVE-2022-35941 affects TensorFlow: AvgPoolOp accepts a positive ksize but does not validate it, enabling a potential crash via a negative ksize. The issue is fixed in commit 3a6ac52664c6c095aa2b114e742b0aa17fdce78f and will be included in TensorFlow 2.10.0; the patch will be cherry-picked for TF ...
CVE-2022-35941 `CHECK` failure in `AvgPoolOp` in Tensorflow
TensorFlow is an open source platform for machine learning. The AvgPoolOp function takes an argument ksize that must be positive but is not checked. A negative ksize can trigger a CHECK failure and crash the program. We have patched the issue in GitHub commit...