Lucene search
K

6 matches found

OSV
OSV
added 2024/03/06 11:14 a.m.25 views

BIT-TENSORFLOW-2022-29207 Undefined behavior when users supply invalid resource handles in TensorFlow

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid. In graph mode, it would have been impossible to perform these API calls, but...

5.5CVSS5.6AI score0.00317EPSS
Exploits1References8
OSV
OSV
added 2022/05/20 10:25 p.m.11 views

CVE-2022-29205 Segfault due to missing support for quantized types in TensorFlow

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling tf.compat.v1. ops which don't yet have support for quantized types, which was added after migration to...

5.5CVSS5.2AI score0.00317EPSS
Exploits1References10
vulnersOsv
vulnersOsv
added 2021/05/21 2:28 p.m.7 views

d3m-simon (=1.2.5), easyquake (>=1.3.0 <=1.4.0) potentially affected by CVE-2021-29614 via tensorflow-gpu (=2.2.0)

tensorflow-gpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - d3m-simon =1.2.5 - easyquake =1.3.0, =1.4.0 Source cves: CVE-2021-29614 Source advisory: OSV:GHSA-8PMX-P244-G88H...

7.8CVSS7AI score0.00221EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2021/05/21 2:26 p.m.54 views

Division by zero in TFLite's implementation of `SpaceToDepth`

Impact The Prepare step of the SpaceToDepth TFLite operator does not check for 0 before division. cc const int blocksize = params-blocksize; const int inputheight = input-dims-data1; const int inputwidth = input-dims-data2; int outputheight = inputheight / blocksize; int outputwidth = inputwidth ...

7.8CVSS2.6AI score0.00201EPSS
Exploits1References8Affected Software3
NVD
NVD
added 2021/05/14 8:15 p.m.25 views

CVE-2021-29566

TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to tf.rawops.Dilation2DBackpropInput. This is because the...

7.8CVSS0.00201EPSS
Exploits1References2
PyPA
PyPA
added 2021/05/14 8:15 p.m.4 views

PYSEC-2021-170

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK failure by passing an empty image to tf.rawops.DrawBoundingBoxes. This is because the...

5.5CVSS7AI score0.00217EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder