Lucene search
K

123 matches found

OSV
OSV
added 2021/11/10 6:48 p.m.3 views

GHSA-CPF4-WX82-GXP6 Segfault due to negative splits in `SplitV`

Impact The implementation of SplitV can trigger a segfault is an attacker supplies negative arguments: python import tensorflow as tf tf.rawops.SplitV value=tf.constant, sizesplits=-1, -2 ,axis=0, numsplit=2 This occurs whenever sizesplits contains more than one value and at least one value is...

6.8CVSS6AI score0.00181EPSS
Exploits1References7
PyPA
PyPA
added 2021/11/05 11:15 p.m.5 views

PYSEC-2021-631

TensorFlow is an open source platform for machine learning. In affected versions the implementation of SplitV can trigger a segfault is an attacker supplies negative arguments. This occurs whenever sizesplits contains more than one value and at least one value is negative. The fix will be include...

5.5CVSS6.9AI score0.00181EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2021/11/05 11:15 p.m.11 views

PYSEC-2021-829

TensorFlow is an open source platform for machine learning. In affected versions the implementation of SplitV can trigger a segfault is an attacker supplies negative arguments. This occurs whenever sizesplits contains more than one value and at least one value is negative. The fix will be include...

5.5CVSS6.1AI score0.00181EPSS
Exploits1References2
OSV
OSV
added 2021/11/05 11:15 p.m.8 views

PYSEC-2021-414

TensorFlow is an open source platform for machine learning. In affected versions the implementation of SplitV can trigger a segfault is an attacker supplies negative arguments. This occurs whenever sizesplits contains more than one value and at least one value is negative. The fix will be include...

5.5CVSS6.1AI score0.00181EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2021/11/05 12:0 a.m.2 views

PT-2021-23195 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.7.0 TensorFlow versions 2.6.1 and earlier TensorFlow versions 2.5.2 and earlier TensorFlow versions 2.4.4 and earlier Description: TensorFlow is an open source platform for machine learning. The implementation o...

6.8CVSS5.2AI score0.00181EPSS
Exploits1References15
OSV
OSV
added 2021/08/25 2:42 p.m.2 views

GHSA-4XFP-4PFP-89WG Reference binding to nullptr in `RaggedTensorToSparse`

Impact An attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToSparse: python import tensorflow as tf tf.rawops.RaggedTensorToSparse rtnestedsplits=0, 38, 0, rtdensevalues= The implementation has an incomplete validation of the splits values: it...

7.1CVSS5.8AI score0.00167EPSS
Exploits0References7
OSV
OSV
added 2021/08/12 10:15 p.m.6 views

PYSEC-2021-778

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.UnicodeEncode. The implementation reads the first dimension of the inputsplits tensor before validating that th...

7.8CVSS5.9AI score0.00173EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/08/12 10:15 p.m.2 views

CVE-2021-37666

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToVariant. The implementation has an incomplete validation of the splits values, missing the case...

7.8CVSS5.6AI score0.00173EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2021/08/12 10:15 p.m.6 views

PYSEC-2021-579

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToVariant. The implementation has an incomplete validation of the splits values, missing the case...

7.8CVSS7AI score0.00173EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2021/08/12 10:15 p.m.7 views

PYSEC-2021-289

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.UnicodeEncode. The implementation reads the first dimension of the inputsplits tensor before validating that th...

7.8CVSS6.9AI score0.00173EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/08/12 10:15 p.m.3 views

CVE-2021-37667

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.UnicodeEncode. The implementation reads the first dimension of the inputsplits tensor before validating that th...

7.8CVSS5.6AI score0.00173EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/08/12 10:15 p.m.8 views

PYSEC-2021-289

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.UnicodeEncode. The implementation reads the first dimension of the inputsplits tensor before validating that th...

7.8CVSS6.5AI score0.00173EPSS
Exploits0References2
PyPA
PyPA
added 2021/08/12 10:15 p.m.7 views

PYSEC-2021-288

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToVariant. The implementation has an incomplete validation of the splits values, missing the case...

7.8CVSS7AI score0.00173EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2021/08/12 10:15 p.m.8 views

PYSEC-2021-778

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.UnicodeEncode. The implementation reads the first dimension of the inputsplits tensor before validating that th...

7.8CVSS6.9AI score0.00173EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2021/08/12 10:15 p.m.7 views

PYSEC-2021-580

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.UnicodeEncode. The implementation reads the first dimension of the inputsplits tensor before validating that th...

7.8CVSS6.9AI score0.00173EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/08/12 9:15 p.m.6 views

CVE-2021-37656

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToSparse. The implementation has an incomplete validation of the splits values: it does not check...

7.8CVSS5.6AI score0.00167EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/08/12 9:15 p.m.6 views

PYSEC-2021-767

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToSparse. The implementation has an incomplete validation of the splits values: it does not check...

7.8CVSS6.5AI score0.00167EPSS
Exploits0References2
PyPA
PyPA
added 2021/08/12 9:15 p.m.7 views

PYSEC-2021-569

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToSparse. The implementation has an incomplete validation of the splits values: it does not check...

7.8CVSS6.9AI score0.00167EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/08/12 9:15 p.m.6 views

PYSEC-2021-278

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToSparse. The implementation has an incomplete validation of the splits values: it does not check...

7.8CVSS5.9AI score0.00167EPSS
Exploits0References2
OSV
OSV
added 2021/08/12 9:15 p.m.3 views

PYSEC-2021-263

TensorFlow is an end-to-end open source platform for machine learning. In affected versions if the arguments to tf.rawops.RaggedGather don't determine a valid ragged tensor code can trigger a read from outside of bounds of heap allocated buffers. The implementation directly reads the first...

7.3CVSS6.5AI score0.00167EPSS
Exploits0References2
Rows per page
Query Builder