9 matches found
CVE-2022-41895
TensorFlow is an open source platform for machine learning. If MirrorPadGrad is given outsize input paddings, TensorFlow will give a heap OOB error. We have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92. The fix will be included in TensorFlow 2.11. We will also...
TensorFlow < 2.10.1 Multiple Vulnerabilities
The version of TensorFlow installed on the remote host is prior to 2.10.1. It is, therefore, affected by multiple vulnerabilities as referenced in the release notes. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41895)
The version of tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41895 advisory. - TensorFlow is an open source platform for machine learning. If MirrorPadGrad is given outsize input...
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in TensorFlow
Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of TensorFlow. Vulnerability Details CVEID:CVE-2022-41910 DESCRIPTION: TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in the MakeGrapplerFunctionItem function i...
CVE-2022-41895 affecting package tensorflow for versions less than 2.11.0-1
CVE-2022-41895 affecting package tensorflow for versions less than 2.11.0-1. An upgraded version of the package is available that resolves this issue...
aggmap (>=1.1.1 <=1.2.1), molmap (>=1.3.1 <=1.4.0) potentially affected by CVE-2022-41895 via tensorflow-gpu (=2.9.1)
tensorflow-gpu PYPI version =2.9.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - aggmap =1.1.1, =1.3.1, =1.4.0 Source cves: CVE-2022-41895 Source advisory: OSV:GHSA-GQ2J-CR96-GVQX...
a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +103 more potentially affected by CVE-2022-41895 via tensorflow-cpu (>=1.15.0 <=2.7.4)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2022-41895 Source advisory: OSV:GHSA-GQ2J-CR96-GVQX...
CVE-2022-41895 `MirrorPadGrad` heap out of bounds read in Tensorflow
TensorFlow is an open source platform for machine learning. If MirrorPadGrad is given outsize input paddings, TensorFlow will give a heap OOB error. We have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92. The fix will be included in TensorFlow 2.11. We will also...
CVE-2022-41895
TensorFlow CVE-2022-41895 describes a heap-out-of-bounds read in MirrorPadGrad when input paddings are out of range. The issue is fixed in commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92 and will be included in TensorFlow 2.11; a cherry-pick will be applied to 2.10.1, 2.9.3, and 2.8.4 for affecte...