CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.5CVSS6.6AI score0.0024EPSS

AZL-31203 CVE-2023-25676 affecting package tensorflow for versions less than 2.11.1-1

OSV•added 2023/03/25 12:15 a.m.•3 views

AZL-35322 CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supporte...

7.8CVSS6.6AI score0.00088EPSS

NVD•added 2023/03/25 12:15 a.m.•24 views

CVE-2023-25676

7.5CVSS8.4AI score0.0024EPSS

NVD•added 2023/03/25 12:15 a.m.•18 views

CVE-2023-27579

TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1...

7.5CVSS8.5AI score0.00206EPSS

7.5CVSS6.6AI score0.0024EPSS

AZL-31202 CVE-2023-25660 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when the parameter summarize of tf.rawops.Print is zero, the new method SummarizeArray will reference to a nullptr, leading to a seg fault. A fix is included in TensorFlow version 2.12 and version...

OSV•added 2023/03/25 12:15 a.m.•5 views

AZL-31205 CVE-2023-25666 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

7.5CVSS6.6AI score0.00054EPSS

7.5CVSS6.7AI score0.0028EPSS

AZL-35318 CVE-2023-25673 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

OSV•added 2023/03/25 12:15 a.m.•5 views

AZL-35308 CVE-2023-25663 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when ctx-stepcontainter is a null ptr, the Lookup function will be executed with a null pointer. A fix is included in TensorFlow 2.12.0 and 2.11.1...

7.5CVSS6.6AI score0.00206EPSS

9.8CVSS7AI score0.01465EPSS

AZL-31200 CVE-2023-25668 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick...

Exploits1References1

OSV•added 2023/03/25 12:15 a.m.•1 views

AZL-31198 CVE-2023-25667 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

7.5CVSS6.7AI score0.00211EPSS

OSV•added 2023/03/25 12:15 a.m.•3 views

AZL-31207 CVE-2023-25669 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for tf.rawops.AvgPoolGrad, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

7.5CVSS6.6AI score0.00206EPSS

NVD•added 2023/03/25 12:15 a.m.•11 views

CVE-2023-25660

7.5CVSS8.4AI score0.0024EPSS

NVD•added 2023/03/25 12:15 a.m.•22 views

CVE-2023-25662

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

7.5CVSS8.6AI score0.00151EPSS

NVD•added 2023/03/25 12:15 a.m.•17 views

CVE-2023-25659

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

7.5CVSS8.4AI score0.00204EPSS

NVD•added 2023/03/25 12:15 a.m.•14 views

CVE-2023-25675

TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...

7.5CVSS8.3AI score0.00206EPSS

OSV•added 2023/03/25 12:15 a.m.•3 views

AZL-35312 CVE-2023-25667 affecting package tensorflow for versions less than 2.11.1-1

7.5CVSS6.7AI score0.00211EPSS

OSV•added 2023/03/25 12:15 a.m.•0 views

AZL-35314 CVE-2023-25669 affecting package tensorflow for versions less than 2.11.1-1

7.5CVSS6.6AI score0.00206EPSS

OSV•added 2023/03/25 12:15 a.m.•1 views

AZL-31209 CVE-2023-25662 affecting package tensorflow for versions less than 2.11.1-1

7.5CVSS6.7AI score0.00151EPSS

OSV•added 2023/03/25 12:15 a.m.•4 views

AZL-35319 CVE-2023-25674 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1...

7.5CVSS6.7AI score0.00391EPSS