Lucene search
K

15 matches found

OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-963 Code injection in `saved_model_cli` in TensorFlow

Impact TensorFlow's savedmodelcli tool is vulnerable to a code injection: savedmodelcli run --inputexprs 'x=print"malicious code to run"' --dir ./ --tagset serve --signaturedef servingdefault This can be used to open a reverse shell savedmodelcli run --inputexprs 'hello=exec"""\nimport...

7.8CVSS6AI score0.00536EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2021-0450

Malware in sbrugna...

7.8CVSS7.5AI score0.00208EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2924

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00536EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2025/02/05 11:56 p.m.8 views

CVE-2022-29216

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's savedmodelcli tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had...

7.8CVSS7.1AI score0.00536EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2022/05/24 10:16 p.m.61 views

Code injection in `saved_model_cli` in TensorFlow

Impact TensorFlow's savedmodelcli tool is vulnerable to a code injection: savedmodelcli run --inputexprs 'x=print"malicious code to run"' --dir ./ --tagset serve --signaturedef servingdefault This can be used to open a reverse shell savedmodelcli run --inputexprs 'hello=exec"""\nimport...

7.8CVSS7.7AI score0.00536EPSS
Exploits1References10Affected Software3
NVD
NVD
added 2022/05/21 12:15 a.m.19 views

CVE-2022-29216

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's savedmodelcli tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had...

7.8CVSS0.00536EPSS
Exploits1References8
Prion
Prion
added 2022/05/21 12:15 a.m.17 views

Code injection

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's savedmodelcli tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had...

4.6CVSS8AI score0.00536EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2022/05/20 11:35 p.m.138 views

CVE-2022-29216

TensorFlow CVE-2022-29216 affects the saved_model_cli tool. Prior to 2.9.0 and backports to 2.8.1, 2.7.2, and 2.6.4, the tool allowed code injection via numpy expressions, potentially enabling a reverse shell. The issue stems from unsafe evaluation of input expressions; a patch removes the safe=F...

7.8CVSS7.8AI score0.00536EPSS
Exploits1References8Affected Software1
Vulnrichment
Vulnrichment
added 2022/05/20 11:35 p.m.8 views

CVE-2022-29216 Code injection in `saved_model_cli` in TensorFlow

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's savedmodelcli tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had...

7.8CVSS8.1AI score0.00536EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2021/11/10 4:54 p.m.46 views

Code injection in `saved_model_cli`

Impact TensorFlow's savedmodelcli tool is vulnerable to a code injection as it calls eval on user supplied strings python def preprocessinputexprsargstringinputexprsstr: ... for inputraw in filterbool, inputexprsstr.split';': ... inputkey, expr = inputraw.split'=', 1 inputdictinputkey = evalexpr...

7.8CVSS1.7AI score0.00208EPSS
Exploits1References7Affected Software3
NVD
NVD
added 2021/11/05 11:15 p.m.16 views

CVE-2021-41228

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's savedmodelcli tool is vulnerable to a code injection as it calls eval on user supplied strings. This can be used by attackers to run arbitrary code on the plaform where the CLI tool runs. However, given...

7.8CVSS0.00208EPSS
Exploits1References2
Prion
Prion
added 2021/11/05 11:15 p.m.18 views

Code injection

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's savedmodelcli tool is vulnerable to a code injection as it calls eval on user supplied strings. This can be used by attackers to run arbitrary code on the plaform where the CLI tool runs. However, given...

4.6CVSS7.7AI score0.00208EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2021/11/05 11:15 p.m.9 views

PYSEC-2021-420

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's savedmodelcli tool is vulnerable to a code injection as it calls eval on user supplied strings. This can be used by attackers to run arbitrary code on the plaform where the CLI tool runs. However, given...

7.8CVSS7.8AI score0.00208EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/11/05 11:15 p.m.4 views

CVE-2021-41228

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's savedmodelcli tool is vulnerable to a code injection as it calls eval on user supplied strings. This can be used by attackers to run arbitrary code on the plaform where the CLI tool runs. However, given...

7.8CVSS7.4AI score0.00208EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/11/05 10:25 p.m.24 views

CVE-2021-41228 Code injection in `saved_model_cli`

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's savedmodelcli tool is vulnerable to a code injection as it calls eval on user supplied strings. This can be used by attackers to run arbitrary code on the plaform where the CLI tool runs. However, given...

7.5CVSS8.1AI score0.00208EPSS
Exploits1References2
Rows per page
Query Builder