CVE-2023-25667 affecting package tensorflow for versions less than 2.11.1-1

CVE-2023-25667 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is available...

CVE-2023-25669 affecting package tensorflow for versions less than 2.11.1-1

CVE-2023-25669 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is available...

CVE-2023-25663 affecting package tensorflow for versions less than 2.11.1-1

CVE-2023-25663 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is available...

CVE-2023-25660 affecting package tensorflow for versions less than 2.11.1-1

CVE-2023-25660 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is available...

CVE-2023-25673 affecting package tensorflow for versions less than 2.11.1-1

CVE-2023-25673 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is available...

CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1

CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is available...

CVE-2023-25675 affecting package tensorflow for versions less than 2.11.1-1

CVE-2023-25675 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is available...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution in TensorFlow Keras [CVE-2024-3660]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution in TensorFlow Keras, caused by a code injection flaw CVE-2024-3660. TensorFlow Keras is used by our Speech Service runtimes. This vulnerabilitiy has been addressed. Please read the...

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to keras-2.12.0-py2.py3-none-any.whl CVE-2024-3660

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to keras-2.12.0-py2.py3-none-any.whl CVE-2024-3660. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-3660 DESCRIPTION: TensorFlow Keras could allow a remote attack...

CVE-2024-35195 affecting package tensorflow for versions less than 2.16.1-8

CVE-2024-35195 affecting package tensorflow for versions less than 2.16.1-8. A patched version of the package is available...

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to tensorflow-2.12.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl CVE-2023-33976

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to tensorflow-2.12.0-cp39-cp39-manylinux217x8664.manylinux2014x8664.whl CVE-2023-33976. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-33976 DESCRIPTION:...

AZL-54212 CVE-2024-11053 affecting package tensorflow for versions less than 2.16.1-7

When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but...

PT-2025-39414

Name of the Vulnerable Software and Affected Versions TensorFlow version 2.18.0 Description TensorFlow version 2.18.0 exhibits a behavior where it outputs random results during the compilation of the Embedding component. This can lead to unpredictable application behavior. Recommendations At the...

AZL-52449 CVE-2024-9681 affecting package tensorflow for versions less than 2.16.1-7

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in TensorFlow [CVE-2023-33976]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in TensorFlow, caused by a a segfault when not given a rank 2 tensor in the arrayops.upperbound function CVE-2023-33976. TensorFlow is used by our Speech Service runtimes. This...

CVE-2024-8088 affecting package tensorflow for versions less than 2.16.1-7

CVE-2024-8088 affecting package tensorflow for versions less than 2.16.1-7. A patched version of the package is available...

CVE-2024-3651 affecting package tensorflow for versions less than 2.16.1-7

CVE-2024-3651 affecting package tensorflow for versions less than 2.16.1-7. A patched version of the package is available...

CVE-2024-6232 affecting package tensorflow for versions less than 2.16.1-7

CVE-2024-6232 affecting package tensorflow for versions less than 2.16.1-7. A patched version of the package is available...

CVE-2024-7592 affecting package tensorflow for versions less than 2.16.1-6

CVE-2024-7592 affecting package tensorflow for versions less than 2.16.1-6. A patched version of the package is available...

Tensorflow-hub Detection

A Tensorflow-hub Python library is installed on the remote host. Note that Nessus has relied upon on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid208141; scriptversion"1.6";...