Lucene search
K

14311 matches found

NVD
NVD
added 2022/02/03 12:15 p.m.33 views

CVE-2022-21733

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

6.5CVSS0.00821EPSS
Exploits1References3
Prion
Prion
added 2022/02/03 12:15 p.m.15 views

Design/Logic Flaw

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...

4CVSS6.6AI score0.00746EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.7 views

PYSEC-2022-112

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

6.5CVSS6.8AI score0.00821EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.4 views

PYSEC-2022-110

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ConcatV2 can be used to trigger a denial of service attack via a segfault caused by a type confusion. The axis argument is translated into concatdim in the ConcatShapeHelper helper function. Then, a...

6.5CVSS6.8AI score0.00845EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.4 views

PYSEC-2022-77

Tensorflow is an Open Source Machine Learning Framework. The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow which results in a CHECK-fail when building new TensorShape objects so, an assert failure based denial of service. We are missing some validation on the...

6.5CVSS7.1AI score0.008EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.5 views

PYSEC-2022-60

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...

7.6CVSS6.9AI score0.00746EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.6 views

PYSEC-2022-115

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...

7.6CVSS6.9AI score0.00746EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.4 views

PYSEC-2022-55

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ConcatV2 can be used to trigger a denial of service attack via a segfault caused by a type confusion. The axis argument is translated into concatdim in the ConcatShapeHelper helper function. Then, a...

6.5CVSS6.8AI score0.00845EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.4 views

PYSEC-2022-57

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

6.5CVSS6.8AI score0.00821EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/02/03 12:15 p.m.14 views

Integer overflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

5CVSS6.5AI score0.00821EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/02/03 12:15 p.m.14 views

Design/Logic Flaw

Tensorflow is an Open Source Machine Learning Framework. The implementation of ThreadPoolHandle can be used to trigger a denial of service attack by allocating too much memory. This is because the numthreads argument is only checked to not be negative, but there is no upper bound on its value. Th...

4CVSS6.4AI score0.00765EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/02/03 12:15 p.m.21 views

Type confusion

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ConcatV2 can be used to trigger a denial of service attack via a segfault caused by a type confusion. The axis argument is translated into concatdim in the ConcatShapeHelper helper function. Then, a...

4CVSS6.4AI score0.00845EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.7 views

PYSEC-2022-111

Tensorflow is an Open Source Machine Learning Framework. The implementation of ThreadPoolHandle can be used to trigger a denial of service attack by allocating too much memory. This is because the numthreads argument is only checked to not be negative, but there is no upper bound on its value. Th...

6.5CVSS6.8AI score0.00765EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.4 views

PYSEC-2022-132

Tensorflow is an Open Source Machine Learning Framework. The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow which results in a CHECK-fail when building new TensorShape objects so, an assert failure based denial of service. We are missing some validation on the...

6.5CVSS7.1AI score0.008EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.6 views

PYSEC-2022-131

Tensorflow is an Open Source Machine Learning Framework. The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial...

6.5CVSS6.9AI score0.01097EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2022/02/03 12:15 p.m.12 views

Integer overflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow which results in a CHECK-fail when building new TensorShape objects so, an assert failure based denial of service. We are missing some validation on the...

4CVSS6.7AI score0.008EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.6 views

PYSEC-2022-76

Tensorflow is an Open Source Machine Learning Framework. The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial...

6.5CVSS6.9AI score0.01097EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2022/02/03 12:15 p.m.7 views

PYSEC-2022-56

Tensorflow is an Open Source Machine Learning Framework. The implementation of ThreadPoolHandle can be used to trigger a denial of service attack by allocating too much memory. This is because the numthreads argument is only checked to not be negative, but there is no upper bound on its value. Th...

6.5CVSS6.8AI score0.00765EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/02/03 12:15 p.m.14 views

Integer overflow

Tensorflow is an Open Source Machine Learning Framework. The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial...

4CVSS6.5AI score0.01097EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/02/03 12:15 p.m.7 views

PYSEC-2022-112

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

6.5CVSS6.7AI score0.00821EPSS
Exploits1References3
Rows per page
Query Builder