8 matches found
CVE-2022-23560
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...
DEBIAN-CVE-2025-55560
An issue in pytorch v2.7.0 can lead to a Denial of Service DoS when a PyTorch model consists of torch.Tensor.tosparse and torch.Tensor.todense and is compiled by Inductor...
PYSEC-2025-209
An issue in pytorch v2.7.0 can lead to a Denial of Service DoS when a PyTorch model consists of torch.Tensor.tosparse and torch.Tensor.todense and is compiled by Inductor...
SUSE CVE-2022-23560
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...
GHSA-4HVF-HXVG-F67V Read and Write outside of bounds in TensorFlow
Impact An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. Patches We have patched the issue in GitHub commit 6364463d6f5b6254cac3d6aedf999b6a96225038...
PYSEC-2022-124
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...
PYSEC-2022-69
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...
PT-2022-16076 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions 2.5.3 through 2.7.1 TensorFlow version 2.8.0 is not affected, as it includes the fix. Description: An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits...