Lucene search
K

14311 matches found

OSV
OSV
added 2022/02/03 1:15 p.m.17 views

PYSEC-2022-53

Tensorflow is an Open Source Machine Learning Framework. The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlo...

6.5CVSS3.3AI score0.00783EPSS
Exploits1References3
OSV
OSV
added 2022/02/03 1:15 p.m.3 views

PYSEC-2022-104

Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure ...

6.5CVSS6.7AI score0.00783EPSS
Exploits1References3
OSV
OSV
added 2022/02/03 1:15 p.m.21 views

PYSEC-2022-49

Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure ...

6.5CVSS2AI score0.00783EPSS
Exploits1References3
OSV
OSV
added 2022/02/03 1:15 p.m.3 views

PYSEC-2022-108

Tensorflow is an Open Source Machine Learning Framework. The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlo...

6.5CVSS5.9AI score0.00783EPSS
Exploits1References3
OSV
OSV
added 2022/02/03 1:15 p.m.4 views

PYSEC-2022-113

Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...

6.5CVSS5.9AI score0.00783EPSS
Exploits1References3
OSV
OSV
added 2022/02/03 1:15 p.m.20 views

PYSEC-2022-78

Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...

6.5CVSS2.7AI score0.00458EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/02/03 1:13 p.m.29 views

CVE-2022-21739 Null pointer dereference in TensorFlow

Tensorflow is an Open Source Machine Learning Framework. The implementation of QuantizedMaxPool has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow...

6.5CVSS6.6AI score0.00783EPSS
Exploits1References3
CVE
CVE
added 2022/02/03 1:13 p.m.122 views

CVE-2022-21739

TensorFlow’s QuantizedMaxPool has an undefined behavior that can trigger a reference binding to a null pointer when handling user-controlled inputs. The patch is planned for TensorFlow 2.8.0, with cherry-picks to 2.7.1, 2.6.3, and 2.5.3 (still in supported range). Remediation: upgrade to TensorFl...

6.5CVSS6.6AI score0.00783EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/02/03 1:13 p.m.21 views

CVE-2022-21739 Null pointer dereference in TensorFlow

Tensorflow is an Open Source Machine Learning Framework. The implementation of QuantizedMaxPool has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow...

6.5CVSS6.4AI score0.00783EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2022/02/03 1:13 p.m.4 views

CVE-2022-21739

Tensorflow is an Open Source Machine Learning Framework. The implementation of QuantizedMaxPool has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow...

6.5CVSS6.9AI score0.00783EPSS
Exploits1
Cvelist
Cvelist
added 2022/02/03 12:59 p.m.35 views

CVE-2022-21734 `CHECK`-failures in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...

6.5CVSS6.7AI score0.00783EPSS
Exploits1References3
CVE
CVE
added 2022/02/03 12:59 p.m.127 views

CVE-2022-21734

TensorFlow CVE-2022-21734: The MapStage kernel is vulnerable to a CHECK-fail when the key tensor is non-scalar, potentially allowing a denial of service. The reported fix is included in TensorFlow 2.8.0, with cherry-picks to 2.7.1, 2.6.3, and 2.5.3 for affected, supported releases. Recommend upgr...

6.5CVSS6.6AI score0.00783EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/03 12:59 p.m.6 views

CVE-2022-21734 `CHECK`-failures in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...

6.5CVSS6.5AI score0.00783EPSS
Exploits1References3
OSV
OSV
added 2022/02/03 12:59 p.m.20 views

CVE-2022-21734 `CHECK`-failures in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...

6.5CVSS6.4AI score0.00783EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2022/02/03 12:59 p.m.4 views

CVE-2022-21734

Tensorflow is an Open Source Machine Learning Framework. The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as...

6.5CVSS7AI score0.00783EPSS
Exploits1
Cvelist
Cvelist
added 2022/02/03 12:53 p.m.27 views

CVE-2022-21735 Division by zero in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalMaxPool can be made to crash a TensorFlow process via a division by 0. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow...

6.5CVSS6.6AI score0.00783EPSS
Exploits1References3
CVE
CVE
added 2022/02/03 12:53 p.m.125 views

CVE-2022-21735

TensorFlow vulnerability CVE-2022-21735 involves the FractionalMaxPool implementation where a division-by-zero can crash the TensorFlow process. The issue is documented across multiple sources, noting the root cause in FractionalMaxPool and that a patch fixes it in TensorFlow 2.8.0, with cherry-p...

6.5CVSS6.5AI score0.00783EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/03 12:53 p.m.9 views

CVE-2022-21735 Division by zero in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalMaxPool can be made to crash a TensorFlow process via a division by 0. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow...

6.5CVSS6.4AI score0.00783EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2022/02/03 12:53 p.m.3 views

CVE-2022-21735

Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalMaxPool can be made to crash a TensorFlow process via a division by 0. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow...

6.5CVSS6.9AI score0.00783EPSS
Exploits1
OSV
OSV
added 2022/02/03 12:53 p.m.29 views

CVE-2022-21735 Division by zero in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalMaxPool can be made to crash a TensorFlow process via a division by 0. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow...

6.5CVSS6.3AI score0.00783EPSS
Exploits1References5
Rows per page
Query Builder