25 matches found
EUVD-2022-0297
Malicious code in bioql PyPI...
BIT-TENSORFLOW-2022-21734 `CHECK`-failures in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...
SUSE CVE-2022-21734
Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...
GHSA-GCVH-66FF-4MWM `CHECK`-failures in Tensorflow
Impact The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar: python import tensorflow as tf import numpy as np tf.rawops.MapStage key = tf.constantvalue=4, shape= 1,2, dtype=tf.int64, indices = np.array6, values = np.array-60, dtypes = tf.int64, capacity=0,...
`CHECK`-failures in Tensorflow
Impact The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar: python import tensorflow as tf import numpy as np tf.rawops.MapStage key = tf.constantvalue=4, shape= 1,2, dtype=tf.int64, indices = np.array6, values = np.array-60, dtypes = tf.int64, capacity=0,...
CVE-2022-21734
Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...
Stack overflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...
PYSEC-2022-113
Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...
PYSEC-2022-113
Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...
PYSEC-2022-58
Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...
PYSEC-2022-58
Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...
CVE-2022-21734
TensorFlow CVE-2022-21734: The MapStage kernel is vulnerable to a CHECK-fail when the key tensor is non-scalar, potentially allowing a denial of service. The reported fix is included in TensorFlow 2.8.0, with cherry-picks to 2.7.1, 2.6.3, and 2.5.3 for affected, supported releases. Recommend upgr...
CVE-2022-21734 `CHECK`-failures in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...
CVE-2022-21734 `CHECK`-failures in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...
CVE-2022-21734
Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...
Google TensorFlow 安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Tensorflow suffers from a security vulnerability that stems from the fact that the MapStage implementation is vulnerable if the key tensor is not a scalar - CHECK fails...
PT-2022-15074 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: The implementation of MapStage is vulnerable to a CHECK-fail if the key tensor is not a scalar. This issue can be triggered by passi...
GHSA-278G-RQ84-9HMG `CHECK`-fail in `MapStage`
Impact An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.MapStage: python import tensorflow as tf tf.rawops.MapStage key=tf.constant, shape=0, 0, 0, 0, dtype=tf.int64, indices=tf.constant0, dtype=tf.int32, values=tf.constant0, dtype=tf.int32, dtypes=tf.int32, tf.int64,...
PYSEC-2021-295
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a denial of service via a CHECK-fail in tf.rawops.MapStage. The implementation does not check that the key input is a valid non-empty tensor. We have patched the issue in GitHub...
PYSEC-2021-784
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a denial of service via a CHECK-fail in tf.rawops.MapStage. The implementation does not check that the key input is a valid non-empty tensor. We have patched the issue in GitHub...