Lucene search
+L

13 matches found

osv
osv
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-966 TensorFlow vulnerable to null-dereference in `mlir::tfg::TFOp::nameAttr`

Impact When mlir::tfg::TFOp::nameAttr receives null type list attributes, it crashes. cpp StatusOr GraphDefImporter::ArgNumTypeconst NamedAttrList &attrs, const OpDef::ArgDef &argdef, SmallVectorImpl &types // Check whether a type list attribute is specified. if !argdef.typelistattr.empty if auto...

5.9CVSS6AI score0.00559EPSS
Exploits0References9
osv
osv
added 2024/03/06 11:12 a.m.11 views

BIT-TENSORFLOW-2022-36000 Null dereference on MLIR on empty function attributes in TensorFlow

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit aed36912609fc07229b4d0a7b44f3f48efc00fd0. The fix will be included in...

7.5CVSS6.5AI score0.00396EPSS
Exploits0References3
cnvd
cnvd
added 2022/09/20 12:0 a.m.17 views

Google TensorFlow code issue vulnerability (CNVD-2023-10610)

Google TensorFlow is an end-to-end open source platform for machine learning from Google USA. Google TensorFlow suffers from a code issue vulnerability that stems from when "mlir::tfg::GraphDefImporter:: ConvertNodeDef" attempts to convert a nodedef with an unoperated name, it crashes, and an...

7.5CVSS3.8AI score0.00547EPSS
Exploits0References1
nvd
nvd
added 2022/09/16 11:15 p.m.14 views

CVE-2022-36011

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit 1cf45b831eeb0cab8655c9c7c5d06ec6f45fc41b. The fix will be included in...

7.5CVSS0.00396EPSS
Exploits0References2
nvd
nvd
added 2022/09/16 11:15 p.m.62 views

CVE-2022-36012

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it crashes. We have patched the issue in GitHub commit ad069af92392efee1418c48ff561fd3070a03d7b. The fix will be included in TensorFlow 2.10.0. We wi...

7.5CVSS0.00547EPSS
Exploits0References3
nvd
nvd
added 2022/09/16 11:15 p.m.22 views

CVE-2022-36014

TensorFlow is an open source platform for machine learning. When mlir::tfg::TFOp::nameAttr receives null type list attributes, it crashes. We have patched the issue in GitHub commits 3a754740d5414e362512ee981eefba41561a63a6 and a0f0b9a21c9270930457095092f558fbad4c03e5. The fix will be included in...

7.5CVSS0.00559EPSS
Exploits0References4
prion
prion
added 2022/09/16 11:15 p.m.18 views

Stack overflow

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit aed36912609fc07229b4d0a7b44f3f48efc00fd0. The fix will be included in...

5CVSS7.7AI score0.00396EPSS
Exploits0References2Affected Software1
prion
prion
added 2022/09/16 11:15 p.m.21 views

Stack overflow

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit 1cf45b831eeb0cab8655c9c7c5d06ec6f45fc41b. The fix will be included in...

5CVSS7.7AI score0.00396EPSS
Exploits0References2Affected Software1
cve
cve
added 2022/09/16 10:55 p.m.83 views

CVE-2022-36012

TensorFlow vulnerability CVE-2022-36012: when mlir::tfg::ConvertGenericFunctionToFunctionDef processes empty function attributes, TensorFlow crashes. A patch (commit ad069af92392efee1418c48ff561fd3070a03d7b) fixes the issue and will be included in TensorFlow 2.10.0, with cherry-picks to 2.9.1, 2....

7.5CVSS6.5AI score0.00547EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2022/09/16 10:35 p.m.21 views

CVE-2022-36014 Null-dereference in `mlir::tfg::TFOp::nameAttr` in TensorFlow

TensorFlow is an open source platform for machine learning. When mlir::tfg::TFOp::nameAttr receives null type list attributes, it crashes. We have patched the issue in GitHub commits 3a754740d5414e362512ee981eefba41561a63a6 and a0f0b9a21c9270930457095092f558fbad4c03e5. The fix will be included in...

5.9CVSS7.8AI score0.00559EPSS
Exploits0References4
cve
cve
added 2022/09/16 10:30 p.m.93 views

CVE-2022-36013

TensorFlow CVE-2022-36013 describes a null-dereference crash in mlir::tfg::GraphDefImporter::ConvertNodeDef when converting NodeDefs without an op name. A fix is present in commit a0f0b9a21c9270930457095092f558fbad4c03e5 and will be included in TensorFlow 2.10.0; the patch will also beCherry-pick...

7.5CVSS6.5AI score0.00547EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2022/09/16 10:30 p.m.42 views

CVE-2022-36013 Null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef` in TensorFlow

TensorFlow is an open source platform for machine learning. When mlir::tfg::GraphDefImporter::ConvertNodeDef tries to convert NodeDefs without an op name, it crashes. We have patched the issue in GitHub commit a0f0b9a21c9270930457095092f558fbad4c03e5. The fix will be included in TensorFlow 2.10.0...

5.9CVSS7.7AI score0.00547EPSS
Exploits0References3
osv
osv
added 2022/09/16 10:30 p.m.25 views

CVE-2022-36013 Null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef` in TensorFlow

TensorFlow is an open source platform for machine learning. When mlir::tfg::GraphDefImporter::ConvertNodeDef tries to convert NodeDefs without an op name, it crashes. We have patched the issue in GitHub commit a0f0b9a21c9270930457095092f558fbad4c03e5. The fix will be included in TensorFlow 2.10.0...

5.9CVSS7.7AI score0.00547EPSS
Exploits0References5
Rows per page
Query Builder