Stack overflow

TensorFlow is an open source platform for machine learning. An input sparsematrix that is not a matrix with a shape with rank 0 will trigger a CHECK fail in tf.rawops.SparseMatrixNNZ. We have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693. The fix will be included in...

PYSEC-2022-146

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that TensorByteSize would trigger CHECK failures. TensorShape constructor throws a CHECK-fail if shape is partial or has a number of elements that would overflow t...

PYSEC-2021-708

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.Dequantize, an attacker can trigger a read from outside of bounds of heap allocated data. The...

Tensorflow Data Validation Vulnerability

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Tensorflow version 2.3.0 that stems from the inability of the SparseCountSparseOutput and RaggedCountSparseOutput implementations to verify that the weights...