EUVD-2021-0305

Malware in sbrugna...

EUVD-2022-2039

Malicious code in bioql PyPI...

BIT-TENSORFLOW-2021-29564 Null pointer dereference in `EditDistance`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.rawops.EditDistance. This is because the...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in TensorFlow (CVE-2023-25662)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in TensorFlow due to an integer overflow in EditDistance CVE-2023-25662. TensorFlow is included as part of the runtimes in our service. This vulnerabilitiy has been addressed. Please read...

Denial Of Service (DoS)

tensorflow is vulnerable to Denial of Service DoS attacks. The vulnerability is due to an integer overflow in the EditDistance function when the hypothesisshape perimeter is empty causing the application to crash...

SUSE CVE-2023-25662

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. PoC import tensorflow as tf para= 'hypothesisindices': , 'hypothesisvalues': 'tmp/', 'hypothesisshape': , 'truthindices':...

CVE-2023-25662

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

AZL-31209 CVE-2023-25662 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

Integer overflow

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. An input validation error vulnerability exists in Google TensorFlow version 2.12 prior to version 2.12.0 and version 2.11 prior to version 2.11.1, which stems from...

CVE-2023-25662 TensorFlow vulnerable to integer overflow in EditDistance

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

CVE-2023-25662 TensorFlow vulnerable to integer overflow in EditDistance

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

CVE-2023-25662

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

TensorFlow vulnerable to integer overflow in EditDistance

Impact TFversion 2.11.0 //tensorflow/core/ops/arrayops.cc:1067 const Tensor hypothesisshapet = c-inputtensor2; std::vector dimshypothesisshapet-NumElements - 1; for int i = 0; i MakeDimstd::maxhvaluesi, tvaluesi; if hypothesisshapet is empty, hypothesisshapet-NumElements - 1 will be integer...

SUSE CVE-2021-29564

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.rawops.EditDistance. This is because the...

Google TensorFlow缓冲区错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google TensorFlow versions prior to 2.9.0, 2.8.1, 2.7.2 and 2.6.4 are vulnerable to buffer errors, which originate from tf.rawops. EditDistance has incomplete validation for implementations. An attacker...

Google TensorFlow EditDistance Denial of Service Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow EditDistance. An attacker can exploit the vulnerability to trigger a null pointer dereference when implementing 'tf.rawuops.EditDistance...

CVE-2021-29564

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.rawops.EditDistance. This is because the...

PYSEC-2021-492

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.rawops.EditDistance. This is because the...