14329 matches found
Google Tensorflow 安全漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc...
PT-2022-16102 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow version 2.7.1 TensorFlow version 2.6.3 TensorFlow version 2.5.3 Description: When decoding PNG images, TensorFlow can produce a memory leak if the image is invalid. After calling...
PT-2022-16103 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: A malicious user can cause a denial of service by altering a SavedModel such tha...
PT-2022-16076 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions 2.5.3 through 2.7.1 TensorFlow version 2.8.0 is not affected, as it includes the fix. Description: An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits...
PT-2022-16073 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: An attacker can craft a TFLite model that would cause an integer overflow in...
Google Tensorflow 安全漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google Google Inc. Google TensorFlow has a security vulnerability that could be exploited by an attacker to cause a denial of service in the TensorFlow process...
Tensorflow 输入验证错误漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. An input validation error vulnerability exists in Tensorflow, which stems from the fact that the er component of TensorFlow is prone to integer overflow when estimating the cost of crop and resize, whic...
PT-2022-16104 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The Grappler component of TensorFlow is vulnerable to an integer overflow during...
PT-2022-16110 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow version 2.8.0 Description: The simplifyBroadcast function in the MLIR-TFRT infrastructure is vulnerable to a segfault, resulting in a denial of service, when called with scalar shapes. If all shapes are scalar, the maxRank is 0,...
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a buffer overflow vulnerability that can be exploited by an attacker to control the input idx variable so that ix is greater than the number of values in node .arg...
PT-2022-16109 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow version 2.8.0 Description: The type inference in TensorFlow can cause a heap out of bounds read due to inadequate bounds checking, which is done in a DCHECK that is a no-op during production. An attacker can manipulate the input id...
PT-2022-16112 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The issue occurs when building an XLA compilation cache with default settings,...
PT-2022-16096 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The Grappler optimizer in TensorFlow can be used to cause a denial of service by...
PT-2022-16097 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: During shape inference, TensorFlow can allocate a large vector based on a value...
Google TensorFlow 输入验证错误漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, U.S. Google TensorFlow is vulnerable to an input validation error that could be exploited by an attacker to create an operation containing a tensor with enough elements to cause an integer overflow...
Google TensorFlow 资源管理错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a resource management error vulnerability that stems from the GraphDef format in TensorFlow not allowing self-recursive functions. No detailed vulnerability detail...
Google Tensorflow 代码问题漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow has a code issue vulnerability that stems from the simplifyBroadcast function in the MLIR-TFRT infrastructure in TensorFlow being prone to segmentation errors. No detailed...
Google Tensorflow 安全漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google. Google Tensorflow has a security vulnerability that could be exploited to cause a denial of service by modifying SavedModel to trigger a CHECK failure...
Google TensorFlow 资源管理错误漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google Tensorflow is vulnerable to resource management errors, which can be exploited by attackers to cause mismanagement of resources...
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a buffer overflow vulnerability that can be exploited by an attacker to change the format of the SavedModel on disk to invalidate these assumptions, and then...