14320 matches found
CVE-2023-25676 TensorFlow has null dereference on ParallelConcat with XLA
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1...
CVE-2023-25676 TensorFlow has null dereference on ParallelConcat with XLA
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1...
CVE-2023-25676
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1...
CVE-2023-25676 TensorFlow has null dereference on ParallelConcat with XLA
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1...
CVE-2023-25801
TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supporte...
CVE-2023-25801 TensorFlow has double free in Fractional(Max/Avg)Pool
TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supporte...
CVE-2023-25801 TensorFlow has double free in Fractional(Max/Avg)Pool
TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supporte...
CVE-2023-25801 TensorFlow has double free in Fractional(Max/Avg)Pool
TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supporte...
CVE-2023-25801
CVE-2023-25801 — TensorFlow double-free in fractional pooling : Connected sources confirm a vulnerability in nn_ops.fractional_avg_pool_v2 and nn_ops.fractional_max_pool_v2 where the first and fourth elements of pooling_ratio must be 1.0 for batch/channel pooling to be supported. The issue is tri...
CVE-2023-27579
CVE-2023-27579 : TensorFlow contains a denial of service/ Floating Point Exception when constructing a tflite model with a parameter filter_input_channel
CVE-2023-27579 TensorFlow has Floating Point Exception in TFLite in conv kernel
TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1...
CVE-2023-27579 TensorFlow has Floating Point Exception in TFLite in conv kernel
TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1...
CVE-2023-27579 TensorFlow has Floating Point Exception in TFLite in conv kernel
TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1...
CVE-2023-27579
TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1...
TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
Impact If the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. python import tensorflow as tf func = tf.rawops.DynamicStitch para='indices': 0xdeadbeef, 405, 519, 758, 1015, 'data': 110.27793884277344, 120.29475402832031,...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +80 more potentially affected by CVE-2023-25659 via tensorflow-gpu (>=1.10.1 <=2.0.4)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =1.0.0, =0.0.1, =0.0.2, =0.6.7, =0.1.2, =0.1.0, =0.1.2 - dragonn =0.4.2 and more Source cves: CVE-2023-25659 Source advisory: OSV:GHSA-93VR-9Q9M-PJ8P...
a2grunnerp (>=0.1.0 <=0.1.8), abba-python (>=0.1.6 <=0.3.0) +607 more potentially affected by CVE-2023-25659 via tensorflow (>=1.0.1 <=2.11.0rc2)
tensorflow PYPI version =1.0.1, =0.1.0, =0.1.6, =1.1.2, =0.0.1, =0.3.26, =1.1.0, =0.0.1, =0.2.0, =0.3.1, =0.5.1 and more Source cves: CVE-2023-25659 Source advisory: OSV:GHSA-93VR-9Q9M-PJ8P...
cifar-10-model (=7.4.0), gamornet-cpu (>=0.2.3 <=0.4.3) +8 more potentially affected by CVE-2023-25659 via tensorflow-cpu (>=1.15.0 <=2.11.0)
tensorflow-cpu PYPI version =1.15.0, =0.2.3, =0.0.5, =1.0.0, =1.8.2, =0.1.3, =0.3.0.dev221212, =0.7.0, =0.7.5 Source cves: CVE-2023-25659 Source advisory: OSV:GHSA-93VR-9Q9M-PJ8P...
GHSA-93VR-9Q9M-PJ8P TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
Impact If the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. python import tensorflow as tf func = tf.rawops.DynamicStitch para='indices': 0xdeadbeef, 405, 519, 758, 1015, 'data': 110.27793884277344, 120.29475402832031,...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +80 more potentially affected by CVE-2023-25660 via tensorflow-gpu (>=1.10.1 <=2.0.4)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =1.0.0, =0.0.1, =0.0.2, =0.6.7, =0.1.2, =0.1.0, =0.1.2 - dragonn =0.4.2 and more Source cves: CVE-2023-25660 Source advisory: OSV:GHSA-QJQC-VQCF-5QVJ...