Lucene search
K

20 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.4 views

SUSE CVE-2020-15195

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...

8.8CVSS8.7AI score0.00938EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.3 views

SUSE CVE-2021-29565

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.rawops.SparseFillEmptyRows. This is because of missing...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.7 views

SUSE CVE-2021-37676

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.SparseFillEmptyRows. The shape inference implementation does not validate that the input arguments are not empt...

7.8CVSS6.2AI score0.00173EPSS
Exploits0References4
OSV
OSV
added 2022/11/21 9:54 p.m.1 views

GHSA-HQ7G-WWWP-Q46H `CHECK` fail via inputs in `SparseFillEmptyRowsGrad`

Impact If SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash. python import tensorflow as tf tf.rawops.SparseFillEmptyRowsGrad reverseindexmap=, gradvalues=, name=None Patches We have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8. The fix will be...

4.8CVSS6.9AI score0.0044EPSS
Exploits1References5
OSV
OSV
added 2021/11/10 6:45 p.m.3 views

GHSA-RG3M-HQC5-344V `SparseFillEmptyRows` heap OOB

Impact The implementation of SparseFillEmptyRows can be made to trigger a heap OOB access: python import tensorflow as tf data=tf.rawops.SparseFillEmptyRows indices=0,0,0,0,0,0, values='sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss', denseshape=5,3, defaultvalue='o' This occurs...

7.1CVSS5.8AI score0.00201EPSS
Exploits1References7
OSV
OSV
added 2021/11/05 9:15 p.m.10 views

PYSEC-2021-416

TensorFlow is an open source platform for machine learning. In affected versions the implementation of SparseFillEmptyRows can be made to trigger a heap OOB access. This occurs whenever the size of indices does not match the size of values. The fix will be included in TensorFlow 2.7.0. We will al...

7.1CVSS5.9AI score0.00201EPSS
Exploits1References2
Veracode
Veracode
added 2021/08/16 6:59 a.m.19 views

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. Empty tensors are not validated which allows an attacker to cause an undefined behavior by binding a reference to null pointer in tf.rawops.SparseFillEmptyRows...

7.8CVSS4.6AI score0.00173EPSS
Exploits0References2Affected Software3
ATTACKERKB
ATTACKERKB
added 2021/08/12 10:15 p.m.3 views

CVE-2021-37676

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.SparseFillEmptyRows. The shape inference implementation does not validate that the input arguments are not empt...

7.8CVSS5.6AI score0.00173EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2021/08/12 10:15 p.m.7 views

PYSEC-2021-787

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.SparseFillEmptyRows. The shape inference implementation does not validate that the input arguments are not empt...

7.8CVSS6.9AI score0.00173EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2021/05/14 8:15 p.m.46 views

CVE-2021-29565

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.rawops.SparseFillEmptyRows. This is because of missing...

5.5CVSS0.00189EPSS
Exploits1References2
PyPA
PyPA
added 2021/05/14 8:15 p.m.4 views

PYSEC-2021-493

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.rawops.SparseFillEmptyRows. This is because of missing...

5.5CVSS6.9AI score0.00189EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2021/05/14 8:15 p.m.11 views

PYSEC-2021-202

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.rawops.SparseFillEmptyRows. This is because of missing...

5.5CVSS6.9AI score0.00189EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2021/05/14 7:16 p.m.4 views

CVE-2021-29565

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.rawops.SparseFillEmptyRows. This is because of missing...

5.5CVSS6.9AI score0.00189EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2021/05/14 12:0 a.m.4 views

PT-2021-18316 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: An attacker can trigger a null pointer...

5.5CVSS5.2AI score0.00189EPSS
Exploits1References13
CNVD
CNVD
added 2020/09/28 12:0 a.m.8 views

Google TensorFlow Buffer Overflow Vulnerability (CNVD-2020-54782)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Tensorflow SparseFillEmptyRowsGrad versions prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1, 2.3.1, and 2.3.1, which arises from a networked system or product that perfor...

8.8CVSS7AI score0.00938EPSS
Exploits1References1
PyPA
PyPA
added 2020/09/25 7:15 p.m.6 views

PYSEC-2020-309

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the SparseFillEmptyRowsGrad implementation has incomplete validation of the shapes of its arguments. Although reverseindexmapt and gradvaluest are accessed in a similar pattern, only reverseindexmapt is validated to be of proper...

5.3CVSS6.8AI score0.01017EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2020/09/25 7:15 p.m.5 views

PYSEC-2020-274

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the SparseFillEmptyRowsGrad implementation has incomplete validation of the shapes of its arguments. Although reverseindexmapt and gradvaluest are accessed in a similar pattern, only reverseindexmapt is validated to be of proper...

5.3CVSS6.1AI score0.01017EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2020/09/25 6:40 p.m.6 views

CVE-2020-15194

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the SparseFillEmptyRowsGrad implementation has incomplete validation of the shapes of its arguments. Although reverseindexmapt and gradvaluest are accessed in a similar pattern, only reverseindexmapt is validated to be of proper...

5.3CVSS6.8AI score0.01017EPSS
Exploits1
OSV
OSV
added 2020/09/25 6:28 p.m.4 views

GHSA-63XM-RX5P-XVQR Heap buffer overflow in Tensorflow

Impact The implementation of SparseFillEmptyRowsGrad uses a double indexing pattern: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/core/kernels/sparsefillemptyrowsop.ccL263-L269 It is possible for reverseindexmapi to be an index outside of bound...

8.5CVSS7.1AI score0.00938EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2020/09/25 12:0 a.m.3 views

PT-2020-14265 · Google +1 · Tensorflow +1

Name of the Vulnerable Software and Affected Versions: Tensorflow versions prior to 1.15.4 Tensorflow versions prior to 2.0.3 Tensorflow versions prior to 2.1.2 Tensorflow versions prior to 2.2.1 Tensorflow versions prior to 2.3.1 Description: The SparseFillEmptyRowsGrad implementation has...

9.8CVSS5.9AI score0.01235EPSS
Exploits16References68
Rows per page
Query Builder