4 matches found
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +52 more potentially affected by CVE-2021-37675 via tensorflow (=2.5.0)
tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 - fancyimpute =0.6.0 and more Source...
GHSA-3W67-Q784-6W7C Division by zero in TFLite's implementation of `GatherNd`
Impact The reference implementation of the GatherNd TFLite operator is vulnerable to a division by zero error: cc ret.dimstocounti = remainflatsize / paramsshape.Dimsi; An attacker can craft a model such that params input would be an empty tensor. In turn, paramsshape.Dims. would be zero, in at...
GHSA-PH87-FVJR-V33W CHECK-fail in `tf.raw_ops.RFFT`
Impact An attacker can cause a denial of service by exploiting a CHECK-failure coming from the implementation of tf.rawops.RFFT: python import tensorflow as tf inputs = tf.constant1, shape=1, dtype=tf.float32 fftlength = tf.constant0, shape=1, dtype=tf.int32 tf.rawops.RFFTinput=inputs,...
PYSEC-2021-233
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the EmbeddingLookup TFLite operator is vulnerable to a division by zero...