Lucene search
K

138 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:23 p.m.6 views

CVE-2021-29516

TensorFlow is an end-to-end open source platform for machine learning. Calling tf.rawops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference. The implementation of RaggedTensorToVariant...

5.5CVSS6.8AI score0.00198EPSS
Exploits1References1
OSV
OSV
added 2024/03/06 11:20 a.m.18 views

BIT-TENSORFLOW-2021-29516 Null pointer dereference via invalid Ragged Tensors

TensorFlow is an end-to-end open source platform for machine learning. Calling tf.rawops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference. The implementation of RaggedTensorToVariant...

5.5CVSS5.5AI score0.00198EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 11:17 a.m.16 views

BIT-TENSORFLOW-2021-37666 Reference binding to nullptr in `RaggedTensorToVariant` in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToVariant. The implementation has an incomplete validation of the splits values, missing the case...

7.8CVSS7.7AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.4 views

SUSE CVE-2021-29516

TensorFlow is an end-to-end open source platform for machine learning. Calling tf.rawops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference. The implementation of RaggedTensorToVariant...

5.5CVSS5.5AI score0.00198EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.3 views

SUSE CVE-2021-29532

TensorFlow is an end-to-end open source platform for machine learning. An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to tf.rawops.RaggedCross. This is because the...

7.1CVSS6.7AI score0.00198EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.3 views

SUSE CVE-2021-29560

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.RaggedTensorToTensor. This is because the...

7.1CVSS7AI score0.00208EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:42 a.m.3 views

SUSE CVE-2021-29608

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.RaggedTensorToTensor, an attacker can exploit an undefined behavior if input arguments are empty. The...

7.8CVSS7.5AI score0.00234EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.3 views

SUSE CVE-2021-37638

TensorFlow is an end-to-end open source platform for machine learning. Sending invalid argument for rowpartitiontypes of tf.rawops.RaggedTensorToTensor API results in a null pointer dereference and undefined behavior. The implementation accesses the first element of a user supplied list of values...

7.8CVSS5.6AI score0.00167EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.4 views

SUSE CVE-2021-37641

TensorFlow is an end-to-end open source platform for machine learning. In affected versions if the arguments to tf.rawops.RaggedGather don't determine a valid ragged tensor code can trigger a read from outside of bounds of heap allocated buffers. The implementation directly reads the first...

7.1CVSS5.7AI score0.00167EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.5 views

SUSE CVE-2021-37666

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToVariant. The implementation has an incomplete validation of the splits values, missing the case...

7.8CVSS5.6AI score0.00173EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:37 a.m.2 views

SUSE CVE-2021-41212

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for tf.ragged.cross can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1,...

7.1CVSS7AI score0.00201EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:37 a.m.4 views

SUSE CVE-2021-41214

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for tf.ragged.cross has an undefined behavior due to binding a reference to nullptr. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1,...

7.8CVSS7.5AI score0.0021EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.1 views

SUSE CVE-2022-29202

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.ragged.constant does not fully validate the input arguments. This results in a denial of service by consuming all available memory. Versions 2.9.0, 2.8.1, 2.7.2,...

5.5CVSS5.3AI score0.00316EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:24 a.m.3 views

SUSE CVE-2022-35940

TensorFlow is an open source platform for machine learning. The RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also...

7.5CVSS8.3AI score0.00547EPSS
Exploits0References3
OSV
OSV
added 2022/09/16 9:14 p.m.6 views

GHSA-M6CV-4FMF-66XF TensorFlow vulnerable to `CHECK` fail in `RaggedTensorToVariant`

Impact If RaggedTensorToVariant is given a rtnestedsplits list that contains tensors of ranks other than one, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf batchedinput = True rtnestedsplits = tf.constant0,32,64, shape=3,...

5.9CVSS7AI score0.00383EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.3 views

PT-2022-23118 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue arises when RaggedTensorToVariant is given a rt nested splits list...

7.5CVSS7.7AI score0.00383EPSS
Exploits0References9
OSV
OSV
added 2022/05/24 10:10 p.m.1 views

GHSA-CWPM-F78V-7M5C Denial of service in `tf.ragged.constant` due to lack of validation

Impact The implementation of tf.ragged.constant does not fully validate the input arguments. This results in a denial of service by consuming all available memory: python import tensorflow as tf tf.ragged.constantpylist=,raggedrank=8968073515812833920 Patches We have patched the issue in GitHub...

5.5CVSS5.8AI score0.00316EPSS
Exploits1References10
Debian CVE
Debian CVE
added 2022/05/20 10:55 p.m.4 views

CVE-2022-29202

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.ragged.constant does not fully validate the input arguments. This results in a denial of service by consuming all available memory. Versions 2.9.0, 2.8.1, 2.7.2,...

5.5CVSS6.8AI score0.00316EPSS
Exploits1
CNNVD
CNNVD
added 2022/05/20 12:0 a.m.3 views

Google TensorFlow资源管理错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A resource management error vulnerability exists in Google TensorFlow versions prior to 2.9.0, prior to 2.8.1, prior to 2.7.2, and prior to 2.6.4, which stems from the fact that tf.ragged.consta...

5.5CVSS5.7AI score0.00316EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2022/05/20 12:0 a.m.2 views

PT-2022-19454 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.9.0 TensorFlow versions prior to 2.8.1 TensorFlow versions prior to 2.7.2 TensorFlow versions prior to 2.6.4 Description: The implementation of tf.ragged.constant does not fully validate the input arguments,...

5.5CVSS5.3AI score0.00316EPSS
Exploits1References15
Rows per page
Query Builder