arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +156 more potentially affected by CVE-2023-33976 via tensorflow-gpu (>=1.10.1 <=2.12.0)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2023-33976 Source advisory: OSV:GHSA-GJH7-XX4R-X345...

a2grunnerp (>=0.1.0 <=0.1.8), abba-python (>=0.1.6 <=0.3.0) +712 more potentially affected by CVE-2023-33976 via tensorflow (>=1.0.1 <=2.12.0rc1)

tensorflow PYPI version =1.0.1, =0.1.0, =0.1.6, =0.1.0, =1.1.2, =0.0.1, =0.3.26, =1.1.0, =1.8.15, =1.8.17, =0.0.1, =0.1.18, =1.8.14, =2.2.0 and more Source cves: CVE-2023-33976 Source advisory: OSV:GHSA-GJH7-XX4R-X345...

CVE-2023-33976

TensorFlow is an end-to-end open source platform for machine learning. arrayops.upperbound causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12...

AZL-47242 CVE-2023-33976 affecting package tensorflow for versions less than 2.11.1-2

TensorFlow is an end-to-end open source platform for machine learning. arrayops.upperbound causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to the arrayops.upperbound function. An attacker can cause a denial of service by providing input that is not a rank 2 tensor. Remediation Upgrade tensorflow-lite to version 2.15.0 or higher. Reference...

CVE-2023-33976

CVE-2023-33976: TensorFlow is vulnerable to a denial-of-service crash due to a segfault in array_ops.upper_bound when not given a rank-2 tensor. The documented root cause is a segfault in array_ops.upper_bound; impact is a crash that can be triggered remotely as described in the advisory. The pub...

CVE-2023-33976 TensorFlow segfault in array_ops.upper_bound

TensorFlow is an end-to-end open source platform for machine learning. arrayops.upperbound causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12...

CVE-2023-33976

TensorFlow is an end-to-end open source platform for machine learning. arrayops.upperbound causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12...

CVE-2023-33976 TensorFlow segfault in array_ops.upper_bound

TensorFlow is an end-to-end open source platform for machine learning. arrayops.upperbound causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12...

CVE-2023-33976 TensorFlow segfault in array_ops.upper_bound

TensorFlow is an end-to-end open source platform for machine learning. arrayops.upperbound causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12...

TensorFlow 输入验证错误漏洞

TensorFlow is a suite of end-to-end open source platforms for machine learning open-sourced by TensorFlow. An input validation error vulnerability exists in TensorFlow versions prior to 2.13.0, which stems from arrayops.upperbound causing a segmentation error when a 2nd order tensor is not...

PT-2024-12453 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.13 TensorFlow versions 2.12 and earlier Description: The issue is caused by array ops.upper bound when not given a rank 2 tensor, resulting in a segfault. The estimated number of potentially affected devices...

CBL Mariner 2.0 Security Update: libpng / tensorflow (CVE-2022-3857)

The version of libpng / tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3857 advisory. - NIST NVD Details CVE-2022-3857 Note that Nessus has not tested for this issue but has instead...

AZL-43207 CVE-2024-3651 affecting package tensorflow for versions less than 2.16.1-7

A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This...

CBL Mariner 2.0 Security Update: rust / tensorflow / cmake / mysql (CVE-2023-27537)

The version of rust / tensorflow / cmake / mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27537 advisory. - A double free vulnerability exists in libcurl 8.0.0 when sharing HSTS data betwee...

CBL Mariner 2.0 Security Update: rust / tensorflow / curl / mysql (CVE-2023-28319)

The version of rust / tensorflow / curl / mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-28319 advisory. - A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a...

CBL Mariner 2.0 Security Update: mysql / rust / cmake / curl / tensorflow (CVE-2023-23914)

The version of mysql / rust / cmake / curl / tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-23914 advisory. - A cleartext transmission of sensitive information vulnerability exists in...

CBL Mariner 2.0 Security Update: tensorflow / rust / curl (CVE-2023-32001)

The version of tensorflow / rust / curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-32001 advisory. - Rejected reason: We issued this CVE pre-maturely, as we have subsequently realized that th...

CBL Mariner 2.0 Security Update: mysql / rust / cmake / curl / tensorflow (CVE-2023-23915)

The version of mysql / rust / cmake / curl / tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-23915 advisory. - A cleartext transmission of sensitive information vulnerability exists in...

CBL Mariner 2.0 Security Update: mysql / rust / cmake / curl / tensorflow (CVE-2023-28322)

The version of mysql / rust / cmake / curl / tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-28322 advisory. - An information disclosure vulnerability exists in curl v8.1.0 when doing...