14329 matches found
PT-2022-23096 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue arises when EmptyTensorList receives an input element shape with more...
PT-2022-23114 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue occurs when mlir::tfg::TFOp::nameAttr receives null type list...
PT-2022-23066 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue arises when QuantizedAdd is given min input or max input tensors of a...
PT-2022-23097 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.0 through 2.9.0 TensorFlow versions 2.8.0 through 2.8.0 TensorFlow versions 2.7.0 through 2.7.1 Description: The issue occurs when Conv2DBackpropInput receives empty out backprop...
PT-2022-23094 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.0 through 2.9.0 TensorFlow versions 2.8.0 through 2.8.0 TensorFlow versions 2.7.0 through 2.7.1 Description: The issue occurs when the Conv2D function is given an empty input and val...
PT-2022-23068 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The implementation of Conv2DBackpropInput requires input sizes to be...
PT-2022-23045 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The ScatterNd function in TensorFlow takes an input argument that determines th...
PT-2022-23088 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue occurs when tf.quantization.fake quant with min max vars per channel...
PT-2022-23072 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1, 2.8.1, and 2.7.2 Description: The issue arises when QuantizedMatMul is given nonscalar input for: min a, max a, min b, or max b. This can trigger a segfault, leading to a denial o...
PT-2022-23081 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue occurs when Save or SaveSlices is run over tensors of an unsupported...
PT-2022-23126 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue occurs when converting transposed convolutions using per-channel weig...
PT-2022-23082 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue arises from ParameterizedTruncatedNormal assuming shape is of type...
PT-2022-23067 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The implementation of AvgPoolGrad does not fully validate the input orig input...
PT-2022-23058 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The implementation of AvgPool3DGradOp does not fully validate the input orig...
PT-2022-23117 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue results in a segfault that can be used to trigger a denial of service...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in TensorFlow
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of TensorFlow. Vulnerability Details CVEID: CVE-2022-29210 DESCRIPTION: TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in the TensorKey hash function. A local authenticat...
Malicious code in tensorflow-js-website (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dbe94795c766f0a4d3c94608924b1fd354b5ec753d4f31f7afc3b411173c00c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6458 Malicious code in tensorflow-js-website (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dbe94795c766f0a4d3c94608924b1fd354b5ec753d4f31f7afc3b411173c00c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
OPENSUSE-SU-2022:10014-1 Security update for tensorflow2
This update for tensorflow fixes the following issues: Update to TF2 2.6.0 which fixes multiple CVEs boo1189423. - Introduction of bazel6.3 and basel-skylib1.0.3 as build dependencies. The latter has been adapted to all a version in its package name if %setversuffix is set to 1. This allows...
lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by unknown CVE via tensorflow-cpu (=2.7.0)
tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: unknown CVE Source advisory: OSV:GHSA-MW6J-HH29-H379...