EUVD-2022-6784

Malicious code in bioql PyPI...

CVE-2022-36003

TensorFlow is an open source platform for machine learning. When RandomPoissonV2 receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The fix will be included i...

BIT-TENSORFLOW-2022-36003 `CHECK` fail in `RandomPoissonV2` in TensorFlow

TensorFlow is an open source platform for machine learning. When RandomPoissonV2 receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The fix will be included i...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. The vulnerability exists in randomop.cc and randompoissonop.cc because the RandomPoissonV2 doesn't check the size for large input shape and rates which allows an attacker to send inputs that exceed the size check causing an application crash...

Stack overflow

TensorFlow is an open source platform for machine learning. When RandomPoissonV2 receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The fix will be included i...

CVE-2022-36003

TensorFlow CVE-2022-36003 affects RandomPoissonV2: large input shapes/rates trigger a CHECK failure leading to DoS. A patch was committed (552bfced6ce4…) and the fix will be in TensorFlow 2.10.0, with cherry-picks to 2.9.1, 2.8.1, and 2.7.2. Remediation: upgrade to TensorFlow 2.10.0 or apply the ...

GHSA-CV2P-32V3-VHWQ TensorFlow vulnerable to `CHECK` fail in `RandomPoissonV2`

Impact When RandomPoissonV2 receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf arg0=tf.random.uniformshape=4,, dtype=tf.int32, maxval=65536 arg1=tf.random.uniformshape=4, 4, 4, 4, 4, dtype=tf.float32, maxval=None...

TensorFlow vulnerable to `CHECK` fail in `RandomPoissonV2`

Impact When RandomPoissonV2 receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf arg0=tf.random.uniformshape=4,, dtype=tf.int32, maxval=65536 arg1=tf.random.uniformshape=4, 4, 4, 4, 4, dtype=tf.float32, maxval=None...

Google TensorFlow 安全漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. A security vulnerability exists in Google TensorFlow, which stems from a denial-of-service attack triggered by RandomPoissonV2 failing to give an assertion when it receive...

PT-2022-23102 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue occurs when RandomPoissonV2 receives large input shape and rates,...