Denial Of Service (DoS)

tensorflow is vulnerable to denial of service DoS attacks. An attacker is able to cause denial of service conditions via providing an invalid encoded input through the CompositeTensorVariant tensor, which triggers a segmentation fault in tf.rawops.CompositeTensorVariantToComponents...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service DoS attacks. An attacker is able to cause denial of service conditions via providing an input token that is not a UTF-8 bytestring to tf.rawops.PyFunc, which may trigger a CHECK fail...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service DoS attacks. An attacker is able to cause denial of service conditions via providing a large input size through tf.rawops.ResizeNearestNeighborGrad, causing buffer overflows...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service DoS attacks. An attacker is able to cause denial of service conditions by providing a sparsematrix input that is not a matrix with a shape of rank 0, triggering a CHECK fail in tf.rawops.SparseMatrixNNZ...

Remote Code Execution

tensorflow is vulnerable to remote code execution. An attacker is able to cause buffer overflows by setting poolingratio input to less then 1, leading to heap memory access, possibly resulting in remote code execution...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service DoS attacks. An attacker is able to cause denial of service conditions due to improper validation of user Inputs, densefeatures and examplestatedata, resulting in a CHECK fail in SdcaOptimizer...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service DoS attacks. An attacker is able to cause denial of service conditions by providing empty inputs through SparseFillEmptyRowsGrad...

Denial Of Service (DoS)

Tensorflow is vulnerable to denial of service. The vulnerability exists because the input size of BCast::ToShape is not properly handled which allows an attacker to crash the application by sending inputs larger than int32...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service DoS attacks. When a MirrorPadGrad is given outsize input paddings, the library gives a heap out of bound error, which allows an attacker to cause tensorflow to crash...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. A attacker can crash the application by providing outsize inputs to rowpoolingsequence and colpoolingsequence parameters in FractionMaxPoolGrad...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. The vulnerability exists when the ThreadUnsafeUnigramCandidateSampler is given input to filterbankchannelcount greater than the allowed max size, allowing an attacker to crash the application...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. The vulnerability exists because the PrintOneDimV2 function of tensor.cc does not properly convert char values to bool, allowing an attacker to cause an application crash...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. The vulnerability exists because the Compute function of listkernels.cc does not properly validate the input size, allowing an attacker to cause an application crash by providing a non-scalar input...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. The vulnerability exists because the SetOpAttrList function of pywraptfesrc.cc fails to parse the tensor and returns a nullptr without proper error handling, allowing an attacker to cause an application crash through the null pointer dereference...

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +98 more potentially affected by CVE-2022-41880 via tensorflow-cpu (>=1.15.0 <=2.7.4)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-41880 Source advisory: OSV:GHSA-8W5G-3WCV-9G2J...

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4934 more potentially affected by CVE-2022-41880 via tensorflow (>=1.0.1 <=2.8.3)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.5.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-41880 Source advisory: OSV:GHSA-8W5G-3WCV-9G2J...

Tensorflow vulnerable to Out-of-Bounds Read

Impact When the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob vuln occurs. python tf.rawops.ThreadUnsafeUnigramCandidateSampler trueclasses=0x100000,1, numtrue = 2, numsampled = 2, unique = False, rangemax = 2, seed = 2, seed2 = 2 Patches We have...

clip-jax (=0.0.5), sdeper (>=1.1.0 <=1.6.1) potentially affected by CVE-2022-41880 via tensorflow-cpu (>=2.9.0 <=2.9.1)

tensorflow-cpu PYPI version =2.9.0, =1.1.0, =1.6.1 Source cves: CVE-2022-41880 Source advisory: OSV:GHSA-8W5G-3WCV-9G2J...

aimodelshare (>=0.0.157 <=0.1.0), aliby (>=0.1.18 <=0.1.55) +69 more potentially affected by CVE-2022-41880 via tensorflow (>=2.9.0 <=2.9.2)

tensorflow PYPI version =2.9.0, =0.0.157, =0.1.18, =0.1.11, =0.30.0, =0.2.6, =0.0.1, =1.0.0, =0.0.0, =4.8.2, =0.9.0, =0.99.1 - cvt-tensorflow =1.1.4 and more Source cves: CVE-2022-41880 Source advisory: OSV:GHSA-8W5G-3WCV-9G2J...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +188 more potentially affected by CVE-2022-41880 via tensorflow-gpu (>=1.10.1 <=2.8.3)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-41880 Source advisory: OSV:GHSA-8W5G-3WCV-9G2J...