MAL-2023-2303 Malicious code in tensorfloww (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a5203869ac71bd118b8ad82e3dba23eb0369119939538840ad6f8258d15d5cd4 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in tensorlow (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx e2af8bef5370496f6bdb07584835e26816164b4afb8e93d5c5a58c6331048959 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-2310 Malicious code in tenssorflow (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 3457c812eebd7826b016b3a75d554ca0de0981cdbbde4ba969a423b277a92a6d Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-2305 Malicious code in tensorflwo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 758ac6d80263cf95ff52c4d2dfdf8ece9bd443edd1e3c7062e7a0b3b45f69b2c Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in tensorrflow (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9743741eb617e1a86db80894acdc85f9413390a4adaddae56b9f211f41b387b7 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-2308 Malicious code in tensorrflow (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9743741eb617e1a86db80894acdc85f9413390a4adaddae56b9f211f41b387b7 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

AZL-37981 CVE-2022-43552 affecting package tensorflow for versions less than 2.16.1-1

A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...

Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation as part of the Watson NLP functionality CVE-2015-20107. GNOME libxml2 is used by IBM Robotic Process Automation as part of container base images,...

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in TensorFlow

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of TensorFlow. Vulnerability Details CVEID:CVE-2022-41910 DESCRIPTION: TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in the MakeGrapplerFunctionItem function i...

AZL-38788 CVE-2022-43551 affecting package tensorflow for versions less than 2.16.1-1

A vulnerability exists in curl 7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypasse...

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 3.6. Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary code on the system, caused by an insecure interpolation defaults flaw. By sendi...

ai.djl.spring:djl-spring-boot-starter-tensorflow-auto (>=0.15 <=0.18), ai.djl.tensorflow:tensorflow-api (>=0.15.0 <=0.18.0) +7125 more potentially affected by CVE-2022-3510 via com.google.protobuf:protobuf-java (>=3.17.0 <=3.19.5)

com.google.protobuf:protobuf-java MAVEN version =3.17.0, =0.15, =0.15.0, =0.15.0, =0.15.0, =3.32.1.6, =3.32.1.6-1-2.1, =3.32.1.6-1-3.0, =3.34.0.3-1-2.2, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =3.0.1, =2.8.4-alpha1, =3.0.1-alpha1 and more Source cves: CVE-2022-3510...

ai.djl.spring:djl-spring-boot-starter-tensorflow-auto (>=0.15 <=0.18), ai.djl.tensorflow:tensorflow-api (>=0.15.0 <=0.18.0) +7125 more potentially affected by CVE-2022-3509 via com.google.protobuf:protobuf-java (>=3.17.0 <=3.19.5)

com.google.protobuf:protobuf-java MAVEN version =3.17.0, =0.15, =0.15.0, =0.15.0, =0.15.0, =3.32.1.6, =3.32.1.6-1-2.1, =3.32.1.6-1-3.0, =3.34.0.3-1-2.2, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =3.0.1, =2.8.4-alpha1, =3.0.1-alpha1 and more Source cves: CVE-2022-3509...

CVE-2022-41888 affecting package tensorflow for versions less than 2.11.0-1

CVE-2022-41888 affecting package tensorflow for versions less than 2.11.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-41909 affecting package tensorflow for versions less than 2.11.0-1

CVE-2022-41909 affecting package tensorflow for versions less than 2.11.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-41901 affecting package tensorflow for versions less than 2.11.0-1

CVE-2022-41901 affecting package tensorflow for versions less than 2.11.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-41896 affecting package tensorflow for versions less than 2.11.0-1

CVE-2022-41896 affecting package tensorflow for versions less than 2.11.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-41895 affecting package tensorflow for versions less than 2.11.0-1

CVE-2022-41895 affecting package tensorflow for versions less than 2.11.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-41893 affecting package tensorflow for versions less than 2.11.0-1

CVE-2022-41893 affecting package tensorflow for versions less than 2.11.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-41880 affecting package tensorflow for versions less than 2.11.0-1

CVE-2022-41880 affecting package tensorflow for versions less than 2.11.0-1. An upgraded version of the package is available that resolves this issue...