8 matches found
vLLM 安全漏洞
vLLM is vLLM open source a high throughput and memory efficient inference and service engine for LLM. A security vulnerability exists in vLLM version 0.6.4 up to and including version 0.12.0, which stems from the fact that sending specially crafted 1x1 pixel images results in a tensor dimension...
PT-2026-2260
Name of the Vulnerable Software and Affected Versions vLLM versions 0.6.4 through 0.11.9 Description vLLM is an inference and serving engine for large language models LLMs. Users can cause the vLLM engine to crash when serving multimodal models that utilize the Idefics3 vision model implementatio...
Division By Zero Error
TensorFlow is vulnerable to a Division By Zero Error. The vulnerability is due to a division by zero error in the TFLite implementation of hashtable lookup when the values tensor's first dimension is 0, allowing an attacker to craft a model that, when processed, triggers the division by zero erro...
PYSEC-2021-682
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.Reverse. This is because the...
CVE-2021-29555
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.FusedBatchNorm. This is because the...
PYSEC-2020-131
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can...
PYSEC-2020-288
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can...
GHSA-MXJJ-953W-2C2V Data corruption in tensorflow-lite
Impact When determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside of debug compilation modes: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/internal/types.hL437-L442 Since the function...