CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41895)

The version of tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41895 advisory. - TensorFlow is an open source platform for machine learning. If MirrorPadGrad is given outsize input...

CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41898)

The version of tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41898 advisory. - TensorFlow is an open source platform for machine learning. If SparseFillEmptyRowsGrad is given empty...

CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41886)

The version of tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41886 advisory. - TensorFlow is an open source platform for machine learning. When tf.rawops.ImageProjectiveTransformV2 is...

CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41889)

The version of tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41889 advisory. - TensorFlow is an open source platform for machine learning. If a list of quantized tensors is assigned t...

CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41896)

The version of tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41896 advisory. - TensorFlow is an open source platform for machine learning. If ThreadUnsafeUnigramCandidateSampler is...

CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41907)

The version of tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41907 advisory. - TensorFlow is an open source platform for machine learning. When tf.rawops.ResizeNearestNeighborGrad is...

CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41897)

The version of tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41897 advisory. - TensorFlow is an open source platform for machine learning. If FractionMaxPoolGrad is given outsize inpu...

AZL-37839 CVE-2023-23916 affecting package tensorflow for versions less than 2.16.1-1

An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this...

AZL-38093 CVE-2023-23915 affecting package tensorflow for versions less than 2.16.1-1

A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP...

AZL-38043 CVE-2023-23914 affecting package tensorflow for versions less than 2.16.1-1

A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is...

SUSE CVE-2018-7576

Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference. The type of exploitation is: context-dependent...

SUSE CVE-2018-7575

Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent...

SUSE CVE-2018-7577

Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory...

SUSE CVE-2018-8825

Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code local...

SUSE CVE-2018-10055

Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file...

SUSE CVE-2018-21233

TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...

SUSE CVE-2019-9635

NULL pointer dereference in Google TensorFlow before 1.12.2 could cause a denial of service via an invalid GIF file...

SUSE CVE-2019-16778

In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case datasize and numsegments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. Thi...

SUSE CVE-2020-15191

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to dlpack.todlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked. Hence, code...

SUSE CVE-2020-15190

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the tf.rawops.Switch operation takes as input a tensor and a boolean and outputs two tensors. Depending on the boolean value, one of the tensors is exactly the input tensor whereas the other one should be an empty tensor. Howeve...