10 matches found
Security Bulletin: A security vulnerability has been identified in TensorFlow shipped with PowerAI.
Summary Vulnerability CVE-2020-5215 found in TensorFlow package. Vulnerability Details CVEID: CVE-2020-5215 DESCRIPTION: Tensorflow is vulnerable to a denial of service, caused by a flaw when converting a string from Python to a tf.float16 value. By sending a specially-crafted string, a remote...
Security Bulletin: A security vulnerability has been identified in OpenCV shipped with PowerAI
Summary Multiple Vulnerabilities CVE-2019-14493, CVE-2019-14492 and CVE-2019-14491 were found in OpenCV package. Vulnerability Details CVEID: CVE-2019-14493 DESCRIPTION: An issue was discovered in OpenCV before 4.1.1. There is a NULL pointer dereference in the function cv::XMLParser::parse at...
Security Bulletin: A security vulnerability has been identified in lodash shipped with PowerAI.
Summary Vulnerability CVE-2019-10744 found in lodash package. Vulnerability Details CVEID: CVE-2019-10744 DESCRIPTION: Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype...
Security Bulletin: A security vulnerability has been identified in SQLite shipped with PowerAI
Summary Vulnerability CVE-2019-8457 in SqLite package Vulnerability Details CVEID: CVE-2019-8457 DESCRIPTION: SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode function when handling invalid rtree tables. CVSS Base score: 5.3 CVSS Temporal Score:...
Security Bulletin: A security vulnerability has been identified in Pillow shipped with PowerAI.
Summary Vulnerability CVE-2019-16865 was found in a Pillow package Vulnerability Details CVEID: CVE-2019-16865 DESCRIPTION: An issue was discovered in Pillow versions before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or...
Security Bulletin: A security vulnerability has been identified in Openssl shipped with PowerAI.
Summary Multiple vulnerabilities CVE-2019-1547, CVE-2019-1549 and CVE-2019-1563 were found in Openssl package. Vulnerability Details CVEID: CVE-2019-1547 DESCRIPTION: Normally in OpenSSL, EC groups have a cofactor present which is used in side channel resistant code paths. However, it is possible...
Security Bulletin: A security vulnerability has been identified in Kubernetes shipped with PowerAI Vision
Summary Multiple vulnerabilities CVE-2019-11251, CVE-2019-11253 in Kubernetes package. Vulnerability Details CVEID: CVE-2019-11251 DESCRIPTION: Kubernetes could allow a remote attacker to gain unauthorized access to the system, caused by an error in kubectl cp that allows a combination of two...
Security Bulletin: A security vulnerability has been identified in SQLite shipped with PowerAI Vision
Summary Vulnerability CVE-2019-8457 in SQLite package. Vulnerability Details CVEID: CVE-2019-8457 DESCRIPTION: SQLite3 version 3.6.0 - 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode function when handling invalid rtree tables. CVSS Base score: 5.3 CVSS Temporal Score: See:...
Security Bulletin: A security vulnerability has been identified in Kubernetes shipped with PowerAI Vision
Summary Vulnerability CVE-2019-11246 in Kubernetes package. Vulnerability Details CVEID: CVE-2019-11246 DESCRIPTION: The kubectl cp command allows copying files between containers and the user's machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar...
Security Bulletin: Multiple vulnerabilities CVE-2019-12410, CVE-2019-12408 in arrow package
Summary Multiple vulnerabilities CVE-2019-12410, CVE-2019-12408 in arrow package Vulnerability Details CVEID: CVE-2019-12410 DESCRIPTION: While investigating UBSAN errors in it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data...