Lucene search
K

14311 matches found

Vulnrichment
Vulnrichment
added 2022/02/03 12:47 p.m.9 views

CVE-2022-23569 `CHECK`-fails when building invalid tensor shapes in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...

6.5CVSS6.4AI score0.00458EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/02/03 12:47 p.m.29 views

CVE-2022-23569 `CHECK`-fails when building invalid tensor shapes in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...

6.5CVSS6.6AI score0.00458EPSS
Exploits0References2
CVE
CVE
added 2022/02/03 12:47 p.m.112 views

CVE-2022-23569

TensorFlow/CVE-2022-23569: Denial‑of‑service via CHECK‑fails (assertion failures) across multiple ops in TensorFlow/TFLite, caused by invalid tensor shapes and related checks. Root cause: assertion failures in core paths; fixes released as patches implemented in GitHub commits. Remediation: upgra...

6.5CVSS6.5AI score0.00458EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2022/02/03 12:47 p.m.2 views

CVE-2022-23569

Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...

6.5CVSS7AI score0.00458EPSS
Exploits0
OSV
OSV
added 2022/02/03 12:47 p.m.27 views

CVE-2022-23569 `CHECK`-fails when building invalid tensor shapes in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...

6.5CVSS6.6AI score0.00458EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/02/03 12:28 p.m.40 views

CVE-2022-21729 Overflow and uncaught divide by zero in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlo...

6.5CVSS6.8AI score0.00783EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/02/03 12:28 p.m.7 views

CVE-2022-21729 Overflow and uncaught divide by zero in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlo...

6.5CVSS6.5AI score0.00783EPSS
Exploits1References3
CVE
CVE
added 2022/02/03 12:28 p.m.95 views

CVE-2022-21729

The vulnerability CVE-2022-21729 affects TensorFlow: the UnravelIndex implementation is vulnerable to a division-by-zero caused by an integer overflow in the unravel_index_op. The issue is addressed with a fix in TensorFlow 2.8.0, with cherry-picks to older supported releases TensorFlow 2.7.1, 2....

6.5CVSS6.7AI score0.00783EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2022/02/03 12:28 p.m.4 views

CVE-2022-21729

Tensorflow is an Open Source Machine Learning Framework. The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlo...

6.5CVSS7.2AI score0.00783EPSS
Exploits1
OSV
OSV
added 2022/02/03 12:28 p.m.18 views

CVE-2022-21729 Overflow and uncaught divide by zero in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlo...

6.5CVSS6.5AI score0.00783EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2022/02/03 12:21 p.m.9 views

CVE-2022-21725 Division by zero in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure ...

6.5CVSS6.6AI score0.00783EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/02/03 12:21 p.m.24 views

CVE-2022-21725 Division by zero in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure ...

6.5CVSS6.8AI score0.00783EPSS
Exploits1References3
CVE
CVE
added 2022/02/03 12:21 p.m.109 views

CVE-2022-21725

TensorFlow CVE-2022-21725 describes a vulnerability in the cost estimator for some convolution operations where the stride is not properly validated, enabling a division-by-zero scenario. The issue is caused by the estimator failing to ensure the stride argument is strictly positive. The fix is t...

6.5CVSS6.8AI score0.00783EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2022/02/03 12:21 p.m.4 views

CVE-2022-21725

Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure ...

6.5CVSS7.1AI score0.00783EPSS
Exploits1
OSV
OSV
added 2022/02/03 12:21 p.m.20 views

CVE-2022-21725 Division by zero in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure ...

6.5CVSS6.5AI score0.00783EPSS
Exploits1References5
NVD
NVD
added 2022/02/03 12:15 p.m.26 views

CVE-2022-21736

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...

7.6CVSS0.00746EPSS
Exploits1References3
NVD
NVD
added 2022/02/03 12:15 p.m.27 views

CVE-2022-23568

Tensorflow is an Open Source Machine Learning Framework. The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow which results in a CHECK-fail when building new TensorShape objects so, an assert failure based denial of service. We are missing some validation on the...

6.5CVSS0.008EPSS
Exploits1References4
NVD
NVD
added 2022/02/03 12:15 p.m.16 views

CVE-2022-23567

Tensorflow is an Open Source Machine Learning Framework. The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial...

6.5CVSS0.01097EPSS
Exploits1References5
NVD
NVD
added 2022/02/03 12:15 p.m.24 views

CVE-2022-21732

Tensorflow is an Open Source Machine Learning Framework. The implementation of ThreadPoolHandle can be used to trigger a denial of service attack by allocating too much memory. This is because the numthreads argument is only checked to not be negative, but there is no upper bound on its value. Th...

6.5CVSS0.00765EPSS
Exploits1References3
NVD
NVD
added 2022/02/03 12:15 p.m.29 views

CVE-2022-21731

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ConcatV2 can be used to trigger a denial of service attack via a segfault caused by a type confusion. The axis argument is translated into concatdim in the ConcatShapeHelper helper function. Then, a...

6.5CVSS0.00845EPSS
Exploits1References4
Rows per page
Query Builder