11 matches found
CVE-2022-41880
TensorFlow is an open source platform for machine learning. When the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob read occurs. We have patched the issue in GitHub commit b389f5c944cadfdfe599b3f1e4026e036f30d2d4. The fix will be included in...
TensorFlow < 2.10.1 Multiple Vulnerabilities
The version of TensorFlow installed on the remote host is prior to 2.10.1. It is, therefore, affected by multiple vulnerabilities as referenced in the release notes. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41880)
The version of tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41880 advisory. - TensorFlow is an open source platform for machine learning. When the BaseCandidateSamplerOp function...
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in TensorFlow
Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of TensorFlow. Vulnerability Details CVEID:CVE-2022-41910 DESCRIPTION: TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in the MakeGrapplerFunctionItem function i...
CVE-2022-41880 affecting package tensorflow for versions less than 2.11.0-1
CVE-2022-41880 affecting package tensorflow for versions less than 2.11.0-1. An upgraded version of the package is available that resolves this issue...
clip-jax (=0.0.5), sdeper (>=1.1.0 <=1.6.1) potentially affected by CVE-2022-41880 via tensorflow-cpu (>=2.9.0 <=2.9.1)
tensorflow-cpu PYPI version =2.9.0, =1.1.0, =1.6.1 Source cves: CVE-2022-41880 Source advisory: OSV:GHSA-8W5G-3WCV-9G2J...
a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +103 more potentially affected by CVE-2022-41880 via tensorflow-cpu (>=1.15.0 <=2.7.4)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2022-41880 Source advisory: OSV:GHSA-8W5G-3WCV-9G2J...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4935 more potentially affected by CVE-2022-41880 via tensorflow (>=1.0.1 <=2.8.3)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.5.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-41880 Source advisory: OSV:GHSA-8W5G-3WCV-9G2J...
aimodelshare (>=0.0.157 <=0.1.0), aliby (>=0.1.18 <=0.1.55) +69 more potentially affected by CVE-2022-41880 via tensorflow (>=2.9.0 <=2.9.2)
tensorflow PYPI version =2.9.0, =0.0.157, =0.1.18, =0.1.11, =0.30.0, =0.2.6, =0.0.1, =1.0.0, =0.0.0, =4.8.2, =0.9.0, =0.99.1 - cvt-tensorflow =1.1.4 and more Source cves: CVE-2022-41880 Source advisory: OSV:GHSA-8W5G-3WCV-9G2J...
CVE-2022-41880 ThreadUnsafeUnigramCandidateSampler Heap out of bounds in Tensorflow
TensorFlow is an open source platform for machine learning. When the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob read occurs. We have patched the issue in GitHub commit b389f5c944cadfdfe599b3f1e4026e036f30d2d4. The fix will be included in...
CVE-2022-41880
TensorFlow CVE-2022-41880 describes a heap-based out-of-bounds read in BaseCandidateSamplerOp when true_classes contains a value greater than range_max. A patch was committed (b389f5c944cadfdfe599b3f1e4026e036f30d2d4) and the fix is scheduled for TensorFlow 2.11, with cherry-picks to 2.10.1, 2.9....