SUSE CVE-2020-15205

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the datasplits argument of tf.rawops.StringNGrams lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all the binary strings after ...

PYSEC-2021-667

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in tf.rawops.StringNGrams. This is because the...

Google TensorFlow Input Validation Error Vulnerability

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Tensorflow versions prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1, 2.3.1, and 2.3.1, which stems from a lack of validation of the datasplits parameter of...

PT-2020-14276 · Google +1 · Tensorflow +1

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.4 TensorFlow versions prior to 2.0.3 TensorFlow versions prior to 2.1.2 TensorFlow versions prior to 2.2.1 TensorFlow versions prior to 2.3.1 Description: The data splits argument of tf.raw ops.StringNGrams...