PYSEC-2021-178

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in tf.rawops.StringNGrams. This is because the...

CVE-2021-29541

CVE-2021-29541 : TensorFlow StringNGrams vulnerability — the implementation of data_splits is not fully validated, allowing a null pointer dereference when ngram computation leads to zero/negative output size. This can cause a crash (null pointer dereference) on affected TensorFlow builds. A fix ...

PYSEC-2020-128

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the datasplits argument of tf.rawops.StringNGrams lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all the binary strings after ...

PYSEC-2020-128

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the datasplits argument of tf.rawops.StringNGrams lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all the binary strings after ...