Lucene search
K

7 matches found

OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-943 Segfault and OOB write due to incomplete validation in `EditDistance` in TensorFlow

Impact The implementation of tf.rawops.EditDistance has incomplete validation. Users can pass negative values to cause a segmentation fault based denial of service: python import tensorflow as tf hypothesisindices = tf.constant-1250999896764, shape=3, 3, dtype=tf.int64 hypothesisvalues =...

7.1CVSS6.1AI score0.00378EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/03/23 7:3 a.m.9 views

CVE-2026-4598

A flaw was found in jsrsasign. A remote attacker could exploit this vulnerability by providing specially crafted zero or negative inputs to the bnModInverse function within the BigInteger.modInverse implementation. This could lead to an infinite loop, causing a permanent denial of service DoS by...

8.7CVSS5.7AI score0.00554EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/03/23 5:0 a.m.10 views

CVE-2026-4598

Versions of the package jsrsasign before 11.1.1 are vulnerable to Infinite loop via the bnModInverse function in ext/jsbn2.js when the BigInteger.modInverse implementation receives zero or negative inputs, allowing an attacker to hang the process permanently by supplying such crafted values e.g.,...

8.7CVSS5.8AI score0.00554EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/23 5:0 a.m.34 views

CVE-2026-4598

Versions of the package jsrsasign before 11.1.1 are vulnerable to Infinite loop via the bnModInverse function in ext/jsbn2.js when the BigInteger.modInverse implementation receives zero or negative inputs, allowing an attacker to hang the process permanently by supplying such crafted values e.g.,...

8.7CVSS0.00554EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.8 views

jsrsasign 安全漏洞

jsrsasign is a signature verification library developed by Kenji Urushima. Versions of jsrsasign prior to 11.1.1 contained security vulnerabilities. These vulnerabilities stemmed from the bnModInverse function in ext/jsbn2.js, which could cause infinite loops when processing zero or negative...

8.7CVSS5.8AI score0.00554EPSS
Exploits1References5
Snyk
Snyk
added 2026/02/18 6:5 a.m.17 views

Infinite loop

Overview jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Infinite loop via the bnModInverse function in ext/jsbn2.js when the BigInteger.modInverse implementation receives zero or negative inputs, allowing an attacker to hang the...

8.7CVSS5.8AI score0.00554EPSS
Exploits1References2
OSV
OSV
added 2021/11/05 11:15 p.m.11 views

PYSEC-2021-829

TensorFlow is an open source platform for machine learning. In affected versions the implementation of SplitV can trigger a segfault is an attacker supplies negative arguments. This occurs whenever sizesplits contains more than one value and at least one value is negative. The fix will be include...

5.5CVSS6.1AI score0.00181EPSS
Exploits1References2
Rows per page
Query Builder