PYSEC-2021-267

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.QuantizeAndDequantizeV4Grad is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on thi...

PYSEC-2021-756

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.QuantizeAndDequantizeV4Grad is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on thi...

PYSEC-2021-558

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.QuantizeAndDequantizeV4Grad is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on thi...

Google TensorFlow 数字错误漏洞

Google TensorFlow is an end-to-end open source machine learning platform. An integer overflow vulnerability exists in the implementation of tf.rawops.QuantizeAndDequantizeV4Grad in versions prior to Google TensorFlow 2.6.0. The vulnerability stems from converting a signed integer value to an...

GHSA-MQ5C-PRH3-3F3H Invalid validation in `QuantizeAndDequantizeV2`

Impact The validation in tf.rawops.QuantizeAndDequantizeV2 allows invalid values for axis argument: python import tensorflow as tf inputtensor = tf.constant0.0, shape=1, dtype=float inputmin = tf.constant-10.0 inputmax = tf.constant-10.0 tf.rawops.QuantizeAndDequantizeV2 input=inputtensor,...

GHSA-H9PX-9VQG-222H Heap OOB in `QuantizeAndDequantizeV3`

Impact An attacker can read data outside of bounds of heap allocated buffer in tf.rawops.QuantizeAndDequantizeV3: python import tensorflow as tf tf.rawops.QuantizeAndDequantizeV3 input=2.5,2.5, inputmin=0,0, inputmax=1,1, numbits=30, signedinput=False, rangegiven=False, narrowrange=False, axis=3...

GHSA-6G85-3HM8-83F9 CHECK-fail in `QuantizeAndDequantizeV4Grad`

Impact An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.QuantizeAndDequantizeV4Grad: python import tensorflow as tf gradienttensor = tf.constant0.0, shape=1 inputtensor = tf.constant0.0, shape=1 inputmin = tf.constant0.0, shape=1, 1 inputmax = tf.constant0.0, shape=1, 1...

PYSEC-2021-472

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.QuantizeAndDequantizeV4Grad. This is because the...

PYSEC-2021-679

TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in tf.rawops.QuantizeAndDequantizeV3. This is because the...

PYSEC-2021-538

TensorFlow is an end-to-end open source platform for machine learning. The validation in tf.rawops.QuantizeAndDequantizeV2 allows invalid values for axis argument:. The...

PYSEC-2021-247

TensorFlow is an end-to-end open source platform for machine learning. The validation in tf.rawops.QuantizeAndDequantizeV2 allows invalid values for axis argument:. The...

PYSEC-2021-670

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.QuantizeAndDequantizeV4Grad. This is because the...

PYSEC-2021-190

TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in tf.rawops.QuantizeAndDequantizeV3. This is because the...

PYSEC-2021-481

TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in tf.rawops.QuantizeAndDequantizeV3. This is because the...

PYSEC-2021-736

TensorFlow is an end-to-end open source platform for machine learning. The validation in tf.rawops.QuantizeAndDequantizeV2 allows invalid values for axis argument:. The...

PYSEC-2021-670

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.QuantizeAndDequantizeV4Grad. This is because the...

PYSEC-2021-181

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.QuantizeAndDequantizeV4Grad. This is because the...

PYSEC-2021-190

TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in tf.rawops.QuantizeAndDequantizeV3. This is because the...

CVE-2021-29610

TensorFlow is an end-to-end open source platform for machine learning. The validation in tf.rawops.QuantizeAndDequantizeV2 allows invalid values for axis argument:. The...

CVE-2021-29544

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.QuantizeAndDequantizeV4Grad. This is because the implementation does not validate the rank of the input tensors. In turn, this results in the tensors...