PT-2021-6980 · Mysql Server +7 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.28 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a highly privileged attacker with network access via multiple protocols to...

PT-2021-6987 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.28 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server. It allows a high-privileged attacker with network access via multiple protocols to...

PT-2021-6986 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.28 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of the MySQL Server system management database. This can be exploited by a remote attacker to gain...

PT-2021-6663 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.27 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a low-privileged attacker with network access via multiple protocols to...

PT-2021-6400 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.27 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a remote attacker to cause a denial of service or gain access to modify, ad...

PT-2021-6982 · Oracle +6 · Mysql Server +5

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.28 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server. It allows a high-privileged attacker with network access via multiple protocols to...

PT-2021-6394 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.27 and prior Description: The issue is related to errors in resource release in the MySQL Server component, specifically in the Optimizer subsystem. This can be exploited by a remote attacker to cause a denial of...

PT-2021-6393 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.27 and prior Description: The issue is related to errors in resource release in the MySQL Server product, specifically in the Server: Optimizer component. It allows a high-privileged attacker with network access via...

Segfault while copying constant resource tensor

Impact During TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This results in a segfault, as these tensors are supposed to not change. Patches We have patched the issue in GitHub commit 7731e8dfbe4a56773be5dc94d631611211156659. The fix will be...

A use of uninitialized value vulnerability in Tensorflow

Impact TensorFlow's Grappler optimizer has a use of unitialized variable: cc const NodeDef dequeuenode; for const auto& trainnode : trainnodes if IsDequeueOptrainnode dequeuenode = trainnode; break; if dequeuenode ... If the trainnodes vector obtained from the saved model that gets optimized does...

Google TensorFlow has an unspecified vulnerability (CNVD-2021-92554)

A security vulnerability in Google TensorFlow, an end-to-end open source platform for machine learning from Google, stems from the use of uninitialized variables in the Grappler optimizer. If the trainnodes vector obtained from the saved optimization model does not contain Dequeue nodes, then...

CVE-2021-41225

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the trainnodes vector obtained from the saved model that gets optimized does not contain a Dequeue node, then dequeuenode is left unitialized. The...

CVE-2021-41225

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the trainnodes vector obtained from the saved model that gets optimized does not contain a Dequeue node, then dequeuenode is left unitialized. The...

PYSEC-2021-417

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the trainnodes vector obtained from the saved model that gets optimized does not contain a Dequeue node, then dequeuenode is left unitialized. The...

Stack overflow

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the trainnodes vector obtained from the saved model that gets optimized does not contain a Dequeue node, then dequeuenode is left unitialized. The...

PYSEC-2021-634

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the trainnodes vector obtained from the saved model that gets optimized does not contain a Dequeue node, then dequeuenode is left unitialized. The...

PYSEC-2021-832

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the trainnodes vector obtained from the saved model that gets optimized does not contain a Dequeue node, then dequeuenode is left unitialized. The...

CVE-2021-41225

CVE-2021-41225 affects TensorFlow’s Grappler optimizer: if train_nodes lacks a Dequeue node, dequeue_node remains uninitialized due to an uninitialized variable in the Grappler code. The documented fix is included in TensorFlow 2.7.0, with cherry-picks for 2.6.1, 2.5.2, and 2.4.4 (still in suppor...

CVE-2021-41225 A use of uninitialized value vulnerability in Tensorflow

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the trainnodes vector obtained from the saved model that gets optimized does not contain a Dequeue node, then dequeuenode is left unitialized. The...

CVE-2021-41204

TensorFlow is an open source platform for machine learning. In affected versions during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This results in a segfault, as these tensors are supposed to not change. The fix will be included in...