Lucene search
K

43 matches found

Debian CVE
Debian CVE
added 2022/11/18 12:0 a.m.2 views

CVE-2022-41901

TensorFlow is an open source platform for machine learning. An input sparsematrix that is not a matrix with a shape with rank 0 will trigger a CHECK fail in tf.rawops.SparseMatrixNNZ. We have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693. The fix will be included in...

7.5CVSS7AI score0.0044EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/11/18 12:0 a.m.5 views

PT-2022-26133

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.11 TensorFlow version 2.10.1 TensorFlow version 2.9.3 TensorFlow version 2.8.4 Description TensorFlow is an open source platform for machine learning. An input sparse matrix that is not a matrix with a shape with...

7.5CVSS7.1AI score0.0044EPSS
Exploits1References14
OSV
OSV
added 2021/11/10 6:51 p.m.5 views

GHSA-4F99-P9C2-3J8X Undefined behavior via `nullptr` reference binding in sparse matrix multiplication

Impact The code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr: python import tensorflow as tf tf.rawops.SparseMatMul a=1.0,1.0,1.0, b=,,, transposea=False, transposeb=False, aissparse=False, bissparse=True This occurs whenever the dimensio...

7.8CVSS5.8AI score0.00204EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2021/11/10 6:51 p.m.40 views

Undefined behavior via `nullptr` reference binding in sparse matrix multiplication

Impact The code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr: python import tensorflow as tf tf.rawops.SparseMatMul a=1.0,1.0,1.0, b=,,, transposea=False, transposeb=False, aissparse=False, bissparse=True This occurs whenever the dimensio...

7.8CVSS2AI score0.00204EPSS
Exploits1References7Affected Software3
NVD
NVD
added 2021/11/05 9:15 p.m.35 views

CVE-2021-41219

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

7.8CVSS0.00204EPSS
Exploits1References2
OSV
OSV
added 2021/11/05 9:15 p.m.18 views

CVE-2021-41219

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

7.8CVSS6.7AI score
Exploits0References2
PyPA
PyPA
added 2021/11/05 9:15 p.m.8 views

PYSEC-2021-411

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

7.8CVSS7.2AI score0.00204EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2021/11/05 9:15 p.m.18 views

Heap overflow

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

4.6CVSS7.5AI score0.00204EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2021/11/05 9:15 p.m.20 views

PYSEC-2021-628

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

7.8CVSS2.2AI score0.00204EPSS
Exploits1References2
OSV
OSV
added 2021/11/05 9:15 p.m.13 views

PYSEC-2021-411

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

7.8CVSS7.1AI score0.00204EPSS
Exploits1References2
PyPA
PyPA
added 2021/11/05 9:15 p.m.7 views

PYSEC-2021-628

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

7.8CVSS7.2AI score0.00204EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2021/11/05 9:15 p.m.8 views

PYSEC-2021-826

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

7.8CVSS7.1AI score0.00204EPSS
Exploits1References2
PyPA
PyPA
added 2021/11/05 9:15 p.m.8 views

PYSEC-2021-826

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

7.8CVSS7.2AI score0.00204EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2021/11/05 8:50 p.m.2 views

CVE-2021-41219

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

7.8CVSS7.2AI score0.00204EPSS
Exploits1
Cvelist
Cvelist
added 2021/11/05 8:50 p.m.48 views

CVE-2021-41219 Undefined behavior via `nullptr` reference binding in sparse matrix multiplication

TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...

7.8CVSS7.8AI score0.00204EPSS
Exploits1References2
CVE
CVE
added 2021/11/05 8:50 p.m.86 views

CVE-2021-41219

TensorFlow SparseMatMul contains undefined behavior by binding a reference to nullptr when either input dimension is 0 or less, risking heap OOB writes. The issue affects TensorFlow releases prior to the fix and is documented across multiple advisories (OSV, GHSA) with specific commit e6cf28c7 an...

7.8CVSS7.5AI score0.00204EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/11/05 12:0 a.m.5 views

Google TensorFlow 缓冲区错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A buffer error vulnerability exists in Google TensorFlow, which stems from the code for sparse matrix multiplication being susceptible to undefined behavior by binding references to "nullptr" in the...

7.8CVSS7.6AI score0.00204EPSS
Exploits1References4
OSV
OSV
added 2021/05/21 2:22 p.m.17 views

GHSA-XCWJ-WFCM-M23C Invalid validation in `SparseMatrixSparseCholesky`

Impact An attacker can trigger a null pointer dereference by providing an invalid permutation to tf.rawops.SparseMatrixSparseCholesky: python import tensorflow as tf import numpy as np from tensorflow.python.ops.linalg.sparse import sparsecsrmatrixops indicesarray = np.array0, 0 valuearray =...

2.5CVSS6.1AI score0.00232EPSS
Exploits1References7
OSV
OSV
added 2021/05/14 8:15 p.m.5 views

PYSEC-2021-683

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...

5.5CVSS5.9AI score0.00189EPSS
Exploits1References2
OSV
OSV
added 2021/05/14 8:15 p.m.6 views

PYSEC-2021-167

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference by providing an invalid permutation to tf.rawops.SparseMatrixSparseCholesky. This is because the...

7.8CVSS7.3AI score0.00232EPSS
Exploits1References2
Rows per page
Query Builder