59 matches found
BIT-TENSORFLOW-2023-25676 TensorFlow has null dereference on ParallelConcat with XLA
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1...
PaddlePaddle nullptr dereference in paddle.crop
Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service...
GHSA-QPPW-C37G-XWCC PaddlePaddle nullptr dereference in paddle.crop
Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service...
CVE-2023-52312
Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service...
CVE-2023-52312
Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service...
Denial of service
Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service...
PYSEC-2024-144
Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service...
CVE-2023-52312
CVE-2023-52312: Affected software is PaddlePaddle; vulnerability in paddle.crop triggers a null pointer dereference when tensor dimensions are invalid, leading to runtime crash and DoS. The description states impact is a DoS, with version constraint “before 2.6.0,” implying the fix is included in...
Stack overflow
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1...
Amazon Linux 2023 : protobuf, protobuf-compiler, protobuf-devel (ALAS2023-2023-009)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-009 advisory. A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.9 (protobuf) security update
An update for protobuf is now available for Red Hat OpenStack Platform 16.1.9 Train for Red Hat Enterprise Linux RHEL 8.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (protobuf) security update
An update for protobuf is now available for Red Hat OpenStack Platform 16.2.4 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Oracle Linux 9 : protobuf (ELSA-2022-7970)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7970 advisory. 3.14.0-13 - Rebuilt for test fixes 3.14.0-12 - Rebuilt for test fixes 3.14.0-11 - Applied patch for for CVE-2021-22570 2055641 Tenable has extracted the precedi...
AlmaLinux 9 : protobuf (ALSA-2022:7970)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7970 advisory. - Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name duri...
protobuf security update
An update is available for protobuf. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The protobuf packages provide Protocol Buffers, Google's data interchange...
Moderate: protobuf security update
The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fixes: protobuf: Incorrect...
Oracle Linux 8 : protobuf (ELSA-2022-7464)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7464 advisory. 3.5.0-15 - Applied patch for for CVE-2021-22570 2050494 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
AlmaLinux 8 : protobuf (ALSA-2022:7464)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7464 advisory. - Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name duri...
RHEL 8 : protobuf (RHSA-2022:7464)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:7464 advisory. The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet...
ALSA-2022:7464 Moderate: protobuf security update
The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fixes: protobuf: Incorrect...