Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:45 a.m.10 views

CVE-2022-41889

TensorFlow is an open source platform for machine learning. If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a nullptr, which is not caught. An example can be seen in tf.compat.v1.extractvolumepatches by passing in quantized tensors...

7.5CVSS6.8AI score0.00404EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/05/20 12:0 a.m.58 views

TensorFlow < 2.10.1 Multiple Vulnerabilities

The version of TensorFlow installed on the remote host is prior to 2.10.1. It is, therefore, affected by multiple vulnerabilities as referenced in the release notes. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

9.8CVSS7.5AI score0.00579EPSS
Exploits22References27
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.30 views

CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41889)

The version of tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41889 advisory. - TensorFlow is an open source platform for machine learning. If a list of quantized tensors is assigned t...

7.5CVSS7.7AI score0.00404EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/30 5:17 p.m.83 views

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in TensorFlow

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of TensorFlow. Vulnerability Details CVEID:CVE-2022-41910 DESCRIPTION: TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in the MakeGrapplerFunctionItem function i...

9.8CVSS8.1AI score0.00579EPSS
Exploits21Affected Software1
CBLMariner
CBLMariner
added 2022/12/09 8:3 p.m.54 views

CVE-2022-41889 affecting package tensorflow for versions less than 2.11.0-1

CVE-2022-41889 affecting package tensorflow for versions less than 2.11.0-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.7AI score0.00404EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/11/21 8:42 p.m.9 views

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +189 more potentially affected by CVE-2022-41889 via tensorflow-gpu (>=1.10.1 <=2.8.3)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-41889 Source advisory: OSV:GHSA-XXCJ-RHQG-M46G...

7.5CVSS7.1AI score0.00404EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/11/21 8:42 p.m.11 views

a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +103 more potentially affected by CVE-2022-41889 via tensorflow-cpu (>=1.15.0 <=2.7.4)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2022-41889 Source advisory: OSV:GHSA-XXCJ-RHQG-M46G...

7.5CVSS7.1AI score0.00404EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/11/21 8:42 p.m.9 views

aimodelshare (>=0.0.157 <=0.1.0), aliby (>=0.1.18 <=0.1.55) +69 more potentially affected by CVE-2022-41889 via tensorflow (>=2.9.0 <=2.9.2)

tensorflow PYPI version =2.9.0, =0.0.157, =0.1.18, =0.1.11, =0.30.0, =0.2.6, =0.0.1, =1.0.0, =0.0.0, =4.8.2, =0.9.0, =0.99.1 - cvt-tensorflow =1.1.4 and more Source cves: CVE-2022-41889 Source advisory: OSV:GHSA-XXCJ-RHQG-M46G...

7.5CVSS7.1AI score0.00404EPSS
Exploits1
CVE
CVE
added 2022/11/18 12:0 a.m.97 views

CVE-2022-41889

TensorFlow CVE-2022-41889 affects the pywrap path when a list of quantized tensors is assigned to an attribute; the code may parse a tensor and return a nullptr that is not caught, risking a crash. A fix is committed (e9e95553e541) and will be included in TensorFlow 2.11, with cherry-picks to 2.1...

7.5CVSS6.2AI score0.00404EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/18 12:0 a.m.6 views

CVE-2022-41889 Segfault via invalid attributes in `pywrap_tfe_src.cc` in Tensorflow

TensorFlow is an open source platform for machine learning. If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a nullptr, which is not caught. An example can be seen in tf.compat.v1.extractvolumepatches by passing in quantized tensors...

5.5CVSS7.2AI score0.00404EPSS
Exploits1References3
Rows per page
Query Builder