Lucene search
K

41 matches found

OSV
OSV
added 2020/09/25 7:15 p.m.4 views

PYSEC-2020-329

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the...

8.1CVSS7.2AI score0.00556EPSS
Exploits1References3
OSV
OSV
added 2020/09/25 7:15 p.m.6 views

PYSEC-2020-136

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor,...

4.3CVSS5.9AI score0.00632EPSS
Exploits1References3
OSV
OSV
added 2020/09/25 7:15 p.m.5 views

PYSEC-2020-293

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor,...

4.3CVSS5.9AI score0.00632EPSS
Exploits1References3
OSV
OSV
added 2020/09/25 7:15 p.m.5 views

PYSEC-2020-137

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the...

8.1CVSS7.2AI score0.00556EPSS
Exploits1References3
OSV
OSV
added 2020/09/25 7:15 p.m.2 views

PYSEC-2020-294

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the...

8.1CVSS7.2AI score0.00556EPSS
Exploits1References3
OSV
OSV
added 2020/09/25 7:15 p.m.4 views

PYSEC-2020-327

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to segmentidsdata can alter outputindex and then write to outside of outputdata...

8.6CVSS7AI score0.0061EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2020/09/25 6:50 p.m.6 views

CVE-2020-15212

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to segmentidsdata can alter outputindex and then write to outside of outputdata...

8.6CVSS7.1AI score0.0061EPSS
Exploits1
Cvelist
Cvelist
added 2020/09/25 6:50 p.m.29 views

CVE-2020-15213 Denial of service in tensorflow-lite

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor,...

4CVSS4AI score0.00632EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2020/09/25 6:50 p.m.3 views

CVE-2020-15213

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor,...

4.3CVSS6.8AI score0.00632EPSS
Exploits1
CVE
CVE
added 2020/09/25 6:50 p.m.92 views

CVE-2020-15214

CVE-2020-15214 affects TensorFlow Lite prior to 2.2.1 and 2.3.1. A write-out-of-bounds can occur when segment IDs are not sorted in segment_sum, due to memory allocation based on the last segment-id element, causing segmentation faults and potential memory corruption. The issue is patched in comm...

8.1CVSS7.8AI score0.00556EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2020/09/25 6:50 p.m.3 views

CVE-2020-15214

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the...

8.1CVSS7AI score0.00556EPSS
Exploits1
OSV
OSV
added 2020/09/25 6:29 p.m.2 views

GHSA-HX2X-85GR-WRPQ Out of bounds access in tensorflow-lite

Impact In TensorFlow Lite models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor:...

9.1CVSS6.9AI score0.0061EPSS
Exploits1References11
Github Security Blog
Github Security Blog
added 2020/09/25 6:29 p.m.62 views

Out of bounds access in tensorflow-lite

Impact In TensorFlow Lite models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor:...

8.6CVSS0.8AI score0.0061EPSS
Exploits1References11Affected Software3
OSV
OSV
added 2020/09/25 6:28 p.m.3 views

GHSA-P2CQ-CPRG-FRVM Out of bounds write in tensorflow-lite

Impact In TensorFlow Lite models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the dimensionality of output tensor:...

9.1CVSS5.8AI score0.00556EPSS
Exploits1References12
OSV
OSV
added 2020/09/25 6:28 p.m.11 views

GHSA-HJMQ-236J-8M87 Denial of service in tensorflow-lite

Impact In TensorFlow Lite models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor, attackers can use a very...

6.3CVSS5.8AI score0.00632EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2020/09/25 12:0 a.m.3 views

PT-2020-14283 · Google · Tensorflow Lite

Name of the Vulnerable Software and Affected Versions: TensorFlow Lite versions prior to 2.2.1 TensorFlow Lite versions prior to 2.3.1 Description: The issue allows models using segment sum to trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment...

9.1CVSS8.7AI score0.0061EPSS
Exploits1References17
Positive Technologies
Positive Technologies
added 2020/09/25 12:0 a.m.2 views

PT-2020-14284 · Google · Tensorflow Lite

Name of the Vulnerable Software and Affected Versions: TensorFlow Lite versions prior to 2.2.1 TensorFlow Lite versions prior to 2.3.1 Description: The issue allows attackers to trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. This is possib...

6.3CVSS4.1AI score0.00632EPSS
Exploits1References17
Positive Technologies
Positive Technologies
added 2020/09/25 12:0 a.m.7 views

PT-2020-14285 · Google · Tensorflow Lite

Name of the Vulnerable Software and Affected Versions: TensorFlow Lite versions prior to 2.2.1 TensorFlow Lite versions prior to 2.3.1 Description: The issue arises when models using segment sum have unsorted segment ids, causing the code to assume they are in increasing order. This leads to...

9.1CVSS7.9AI score0.00556EPSS
Exploits1References18
PyPA
PyPA
added 2019/12/16 9:15 p.m.7 views

PYSEC-2019-227

In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case datasize and numsegments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. Thi...

9.8CVSS7.4AI score0.00777EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2019/12/16 9:15 p.m.10 views

PYSEC-2019-234

In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case datasize and numsegments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. Thi...

9.8CVSS7.4AI score0.00777EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder