118 matches found
complaintclassify (=0.0.9) potentially affected by CVE-2021-37688 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-37688 Source advisory: OSV:GHSA-VCJJ-9VG7-VF68...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +52 more potentially affected by CVE-2021-37691 via tensorflow (=2.5.0)
tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 - fancyimpute =0.6.0 and more Source...
complaintclassify (=0.0.9) potentially affected by CVE-2021-37682 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-37682 Source advisory: OSV:PYSEC-2021-595...
deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-37663 via tensorflow-gpu (>=2.3.0 <=2.3.2)
tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-37663 Source advisory: OSV:PYSEC-2021-774...
PYSEC-2021-305
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of division in TFLite is vulnerable to a division by 0 error. There is no check that the divisor tensor does not contain zero elements. We have patched the issue in GitHub commit...
PYSEC-2021-763
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for tf.rawops.BoostedTreesCreateEnsemble can result in a use after free error if an attacker supplies specially crafted arguments. The implementation uses a reference counted resource an...
PYSEC-2021-768
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.rawops.MatrixDiagV. The implementation has incomplete validation that the value of k is a valid...
complaintclassify (=0.0.9) potentially affected by CVE-2021-29604 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-29604 Source advisory: OSV:GHSA-8RM6-75MF-7R7R...
deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-29603 via tensorflow-gpu (>=2.3.0 <=2.3.2)
tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-29603 Source advisory: OSV:GHSA-CRCH-J389-5F84...
GHSA-97WF-P777-86JQ Division by zero in TFLite's implementation of Split
Impact The implementation of the Split TFLite operator is vulnerable to a division by zero error: cc TFLITEENSUREMSGcontext, inputsize % numsplits == 0, "Not an even split"; const int slicesize = inputsize / numsplits; An attacker can craft a model such that numsplits would be 0. Patches We have...
pycnet-audio (>=0.5.1 <=0.5.8) potentially affected by CVE-2021-29597 via tensorflow-cpu (=2.2.0)
tensorflow-cpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - pycnet-audio =0.5.1, =0.5.8 Source cves: CVE-2021-29597 Source advisory: OSV:GHSA-V52P-HFJF-WG88...
d3m-simon (=1.2.5), easyquake (>=1.3.0 <=1.4.0) potentially affected by CVE-2021-29595 via tensorflow-gpu (=2.2.0)
tensorflow-gpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - d3m-simon =1.2.5 - easyquake =1.3.0, =1.4.0 Source cves: CVE-2021-29595 Source advisory: OSV:GHSA-VF94-36G5-69V8...
pycnet-audio (>=0.5.1 <=0.5.8) potentially affected by CVE-2021-29586 via tensorflow-cpu (=2.2.0)
tensorflow-cpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - pycnet-audio =0.5.1, =0.5.8 Source cves: CVE-2021-29586 Source advisory: OSV:GHSA-26J7-6W8W-7922...
pycnet-audio (>=0.5.1 <=0.5.8) potentially affected by CVE-2021-29575 via tensorflow-cpu (=2.2.0)
tensorflow-cpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - pycnet-audio =0.5.1, =0.5.8 Source cves: CVE-2021-29575 Source advisory: OSV:GHSA-6QGM-FV6V-RFPV...
pycnet-audio (>=0.5.1 <=0.5.8) potentially affected by CVE-2021-29565 via tensorflow-cpu (=2.2.0)
tensorflow-cpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - pycnet-audio =0.5.1, =0.5.8 Source cves: CVE-2021-29565 Source advisory: OSV:GHSA-R6PG-PJWC-J585...
complaintclassify (=0.0.9) potentially affected by CVE-2021-29561 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-29561 Source advisory: OSV:GHSA-GVM4-H8J3-RJRQ...
a2grunnerp (>=0.1.0 <=0.1.8), abba-python (>=0.1.6 <=0.3.0) +1358 more potentially affected by CVE-2021-29546 via tensorflow (>=1.0.1 <=2.1.2)
tensorflow PYPI version =1.0.1, =0.1.0, =0.1.6, =0.0.6, =0.1.0, =0.0.1, =1.1.2, =0.0.1, =2.0.0, =0.3.26, =0.2.1, =7.13.1, =0.0.1, =0.0.2 and more Source cves: CVE-2021-29546 Source advisory: OSV:GHSA-M34J-P8RJ-WJXQ...
complaintclassify (=0.0.9) potentially affected by CVE-2021-29538 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-29538 Source advisory: OSV:GHSA-J8QC-5FQR-52FP...
complaintclassify (=0.0.9) potentially affected by CVE-2021-29535 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-29535 Source advisory: OSV:GHSA-M3F9-W3P3-P669...
brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +3 more potentially affected by CVE-2021-29517 via tensorflow-gpu (>=2.4.0 <=2.4.1)
tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-29517 Source advisory: OSV:PYSEC-2021-643...