CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

vulnersOsv•added 2022/02/09 11:43 p.m.•5 views

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +97 more potentially affected by CVE-2022-21736 via tensorflow-cpu (>=1.15.0 <=2.4.4)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-21736 Source advisory: OSV:GHSA-PFJJ-M3JJ-9JC9...

7.6CVSS6.5AI score0.00746EPSS

OSV•added 2022/02/09 11:43 p.m.•1 views

GHSA-PFJJ-M3JJ-9JC9 Undefined behavior in `SparseTensorSliceDataset`

Impact The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value: python import tensorflow as tf import numpy as np tf.rawops.SparseTensorSliceDataset indices=, values=, denseshape=1,1 The 3 input arguments...

7.6CVSS5.8AI score0.00746EPSS

Exploits1References7

Github Security Blog•added 2022/02/09 11:43 p.m.•31 views

Undefined behavior in `SparseTensorSliceDataset`

7.6CVSS1.7AI score0.00746EPSS

Exploits1References7Affected Software3

vulnersOsv•added 2022/02/09 11:39 p.m.•6 views

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +97 more potentially affected by CVE-2022-23567 via tensorflow-cpu (>=1.15.0 <=2.4.4)

animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-23567 via tensorflow-gpu (>=2.6.0 <=2.6.2)

tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-23567 Source advisory: OSV:GHSA-RRX2-R989-2C43...

vulnersOsv•added 2022/02/09 11:39 p.m.•3 views

lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-23567 via tensorflow-cpu (=2.7.0)

tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-23567 Source advisory: OSV:GHSA-RRX2-R989-2C43...

aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +38 more potentially affected by CVE-2022-23567 via tensorflow (>=2.7.0 <=2.7.0rc1)

tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-23567 Source advisory: OSV:GHSA-RRX2-R989-2C43...

vulnersOsv•added 2022/02/09 11:39 p.m.•3 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +170 more potentially affected by CVE-2022-23567 via tensorflow-gpu (>=1.10.1 <=2.5.1)

vulnersOsv•added 2022/02/09 11:39 p.m.•4 views

alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-23567 via tensorflow (>=2.6.0 <=2.6.2)

tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-23567 Source advisory: OSV:GHSA-RRX2-R989-2C43...

vulnersOsv•added 2022/02/09 11:39 p.m.•3 views

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-23567 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-23567 Source advisory:...

vulnersOsv•added 2022/02/09 11:39 p.m.•9 views

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4847 more potentially affected by CVE-2022-23567 via tensorflow (>=1.0.1 <=2.5.2)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-23567 Source advisory: OSV:GHSA-RRX2-R989-2C43...

OSV•added 2022/02/09 11:39 p.m.•4 views

GHSA-RRX2-R989-2C43 Integer overflows in Tensorflow

Impact The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial of service: python import tensorflow as tf import...

7.1CVSS5.8AI score0.01097EPSS

Exploits1References9

Github Security Blog•added 2022/02/09 11:39 p.m.•65 views

Integer overflows in Tensorflow

6.5CVSS3AI score0.01097EPSS

Exploits1References9Affected Software3

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +97 more potentially affected by CVE-2022-23568 via tensorflow-cpu (>=1.15.0 <=2.4.4)

vulnersOsv•added 2022/02/09 11:39 p.m.•4 views

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4847 more potentially affected by CVE-2022-23568 via tensorflow (>=1.0.1 <=2.5.2)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-23568 Source advisory: OSV:GHSA-6445-FM66-FVQ2...

vulnersOsv•added 2022/02/09 11:39 p.m.•7 views

aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +38 more potentially affected by CVE-2022-23568 via tensorflow (>=2.7.0 <=2.7.0rc1)

tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-23568 Source advisory: OSV:GHSA-6445-FM66-FVQ2...

vulnersOsv•added 2022/02/09 11:39 p.m.•1 views

alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-23568 via tensorflow (>=2.6.0 <=2.6.2)

tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-23568 Source advisory: OSV:GHSA-6445-FM66-FVQ2...

vulnersOsv•added 2022/02/09 11:39 p.m.•6 views

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-23568 via tensorflow-gpu (=2.7.0)

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +170 more potentially affected by CVE-2022-23568 via tensorflow-gpu (>=1.10.1 <=2.5.1)