GHSA-393F-2JR3-CP69 CHECK-fail in DrawBoundingBoxes

Impact An attacker can trigger a denial of service via a CHECK failure by passing an empty image to tf.rawops.DrawBoundingBoxes: python import tensorflow as tf images = tf.fill53, 0, 48, 1, 0. boxes = tf.fill53, 31, 4, 0. boxes = tf.Variableboxes boxes0, 0, 0.assign3.90621...

GHSA-3QXP-QJQ7-W4HF CHECK-fail in tf.raw_ops.EncodePng

Impact An attacker can trigger a CHECK fail in PNG encoding by providing an empty input tensor as the pixel data: python import tensorflow as tf image = tf.zeros0, 0, 3 image = tf.castimage, dtype=tf.uint8 tf.rawops.EncodePngimage=image This is because the implementation only validates that the...

GHSA-C968-PQ7H-7FXV Division by 0 in `Conv3DBackprop*`

Impact The tf.rawops.Conv3DBackprop operations fail to validate that the input tensors are not empty. In turn, this would result in a division by 0: python import tensorflow as tf inputsizes = tf.constant0, 0, 0, 0, 0, shape=5, dtype=tf.int32 filtertensor = tf.constant, shape=0, 0, 0, 1, 0,...

GHSA-84MW-34W6-2Q43 Null pointer dereference via invalid Ragged Tensors

Impact Calling tf.rawops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference: python import tensorflow as tf inputtensor = tf.constant, shape=0, 0, 0, 0, 0, dtype=tf.float32 filtertensor = tf.constant, shape=0, 0, 0, 0, 0, dtype=tf.float3...

PT-2021-18151 · Envoy · Envoy

Name of the Vulnerable Software and Affected Versions: Envoy version 1.14.0 Description: An issue was discovered that allows for a remotely exploitable crash for HTTP2 Metadata. This occurs because an empty METADATA map triggers a Reachable Assertion. Recommendations: For Envoy version 1.14.0, at...

jwt-go: access restriction bypass vulnerability

A vulnerability was found in jwt-go where it is vulnerable to Access Restriction Bypass if m"aud" happens to be string, as allowed by the spec, the type assertion fails and the value of aud is "". This can cause audience verification to succeed even if the audiences being passed are incorrect if...

libyang: double-free in function yyparse() when empty description is used

A double-free flaw occurs in libyang in function yyparse when an empty description is used. Applications that use libyang to process untrusted input YANG files may be vulnerable to this flaw, possibly causing a crash or potential code execution...

TensorFlow Denial of Service Vulnerability (CNVD-2021-36542)

Google TensorFlow is an end-to-end open source machine learning platform. A denial of service vulnerability exists in TensorFlow. An attacker can exploit this vulnerability by passing empty images to tf.rawops.DrawBoundingBoxes to cause a CHECK failure denial of service...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. A NULL pointer dereference occurs in MatrixDiag ops as the implementation does not validate that the tensor arguments are non-empty...

CVE-2021-29565

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.rawops.SparseFillEmptyRows. This is because of missing...

CVE-2021-29533

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK failure by passing an empty image to tf.rawops.DrawBoundingBoxes. This is because the...

PYSEC-2021-642

TensorFlow is an end-to-end open source platform for machine learning. Calling tf.rawops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference. The implementation of RaggedTensorToVariant...

PYSEC-2021-497

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...

PYSEC-2021-678

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin. This is because the...

PYSEC-2021-173

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedReshape by passing in invalid thresholds for the quantization. This is because the...

PYSEC-2021-249

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in Eigen implementation of tf.rawops.BandedTriangularSolve. The...

PYSEC-2021-642

TensorFlow is an end-to-end open source platform for machine learning. Calling tf.rawops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference. The implementation of RaggedTensorToVariant...

PYSEC-2021-245

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.RaggedTensorToTensor, an attacker can exploit an undefined behavior if input arguments are empty. The...

PYSEC-2021-508

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FractionalMaxPoolGrad triggers an undefined behavior if one of the input tensors is empty. The code is also vulnerable to a denial of service attack as a CHECK condition becomes false and aborts...

Code injection

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a CHECK fail in PNG encoding by providing an empty input tensor as the pixel data. This is because the...