4 matches found
EUVD-2026-38332
LangChain is a framework for building agents and LLM-powered applications. Prior to 1.3.9, several LangChain components that resolve filesystem paths or expand search patterns do not consistently confine the resolved path to the intended root directory. Affected behaviors include: a file-search...
BIT-TENSORFLOW-2022-23558 Integer overflow in TFLite array creation
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate. The TfLiteIntArrayGetSizeInBytes returns an int instead of a sizet. An attacker can control model inputs such that computedsize overflows the...
SUSE CVE-2022-23558
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate. The TfLiteIntArrayGetSizeInBytes returns an int instead of a sizet. An attacker can control model inputs such that computedsize overflows the...
Integer overflow in TFLite array creation
Impact An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate: cc TfLiteIntArray TfLiteIntArrayCreateint size int allocsize = TfLiteIntArrayGetSizeInBytessize; // ... TfLiteIntArray ret = TfLiteIntArraymallocallocsize; // ... The...