CVE-2021-37646

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.StringNGrams is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The...

SUSE CVE-2021-29542

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to tf.rawops.StringNGrams. This is because the...

SUSE CVE-2021-37646

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.StringNGrams is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The...

PT-2022-15073 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The implementation of StringNGrams can be used to trigger a denial of service...

GHSA-H6JH-7GV5-28VG Bad alloc in `StringNGrams` caused by integer conversion

Impact The implementation of tf.rawops.StringNGrams is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. python import tensorflow as tf tf.rawops.StringNGrams data='','', datasplits=0,2, separator...

PYSEC-2021-559

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.StringNGrams is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The...

PYSEC-2021-268

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.StringNGrams is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The...

PYSEC-2021-268

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.StringNGrams is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The...

CVE-2021-37646

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.StringNGrams is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The...

GHSA-4HRH-9VMP-2JGG Heap buffer overflow in `StringNGrams`

Impact An attacker can cause a heap buffer overflow by passing crafted inputs to tf.rawops.StringNGrams: python import tensorflow as tf separator = b'\x02\x00' ngramwidths = 7, 6, 11 leftpad = b'\x7f\x7f\x7f\x7f\x7f' rightpad = b'\x7f\x7f\x25\x5d\x53\x74' padwidth = 50 preserveshortsequences = Tr...

GHSA-XQFJ-35WV-M3CR Null pointer dereference in `StringNGrams`

Impact An attacker can trigger a dereference of a null pointer in tf.rawops.StringNGrams: python import tensorflow as tf data=tf.constant'' 11, shape=11, dtype=tf.string splits = 0115 splits.append3 datasplits=tf.constantsplits, shape=116, dtype=tf.int64 tf.rawops.StringNGramsdata=data,...

PYSEC-2021-179

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to tf.rawops.StringNGrams. This is because the...

PYSEC-2021-470

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to tf.rawops.StringNGrams. This is because the...

CVE-2021-29541

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in tf.rawops.StringNGrams. This is because the...

PT-2021-18292 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: An attacker can trigger a dereference of a null pointer in tf.raw ops.StringNGrams because the...

PT-2020-14276 · Google +1 · Tensorflow +1

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.4 TensorFlow versions prior to 2.0.3 TensorFlow versions prior to 2.1.2 TensorFlow versions prior to 2.2.1 TensorFlow versions prior to 2.3.1 Description: The data splits argument of tf.raw ops.StringNGrams...