15 matches found
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the process handling TLS certificate validation. An attacker can intercept or manipulate sensitive data by exploiting improper certificate validation during secure communications. Remediation There is ...
pybind11 bug fix and enhancement update
An update is available for pybind11. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list pybind11 is a lightweight header-only library that exposes C++ types in Pyth...
BIT-TENSORFLOW-2020-15193 Memory corruption in Tensorflow
In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...
python39:3.9 and python39-devel:3.9 security update
Cython 0.29.21-5 - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz1877430 modwsgi 4.7.1-5 - Core dumped upon file upload = 1GB Resolves: rhbz2125172 numpy 1.19.4-3 - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz1933055 pybind11 2.7.1-1 - Update...
SUSE CVE-2020-15193
In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...
new module: python39:3.9
An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-toml, python-urllib3, PyYAML, python-attrs, python-iniconfig, python-requests, modwsgi, python3x-pip, python-py, python-chardet, python-pluggy, Cython, python-psutil,...
Arbitrary Code Execution
tensorflow is vulnerable to arbitrary code execution. The vulnerability exists through a memory corruption issue in the implementation of dlpack.todlpack, as the pybind11 does not restrict Python objects to be parsed and casted...
Google TensorFlow code issue vulnerability (CNVD-2020-54781)
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Tensorflow versions prior to 2.2.1, and in version 2.3.1, which stems from the pybind11 bonding code that assumes that the arguments are tensors, which can be...
CVE-2020-15193
In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...
PYSEC-2020-308
In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...
Memory corruption
In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...
PYSEC-2020-116
In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...
CVE-2020-15193
In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...
GHSA-RJJG-HGV6-H69V Memory corruption in Tensorflow
Impact The implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor:...
PT-2020-14264 · Google +1 · Tensorflow +1
Name of the Vulnerable Software and Affected Versions: Tensorflow versions prior to 2.2.1 Tensorflow versions prior to 2.3.1 Description: The implementation of dlpack.to dlpack can be made to use uninitialized memory, resulting in further memory corruption. This occurs because the pybind11 glue...