Lucene search
K

14315 matches found

Debian CVE
Debian CVE
added 2022/02/03 11:52 a.m.3 views

CVE-2022-23567

Tensorflow is an Open Source Machine Learning Framework. The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial...

6.5CVSS6.9AI score0.01097EPSS
Exploits1
OSV
OSV
added 2022/02/03 11:42 a.m.23 views

CVE-2022-23568 Integer overflows in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow which results in a CHECK-fail when building new TensorShape objects so, an assert failure based denial of service. We are missing some validation on the...

6.5CVSS6.5AI score0.008EPSS
Exploits1References6
Cvelist
Cvelist
added 2022/02/03 11:42 a.m.28 views

CVE-2022-23568 Integer overflows in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow which results in a CHECK-fail when building new TensorShape objects so, an assert failure based denial of service. We are missing some validation on the...

6.5CVSS6.8AI score0.008EPSS
Exploits1References4
CVE
CVE
added 2022/02/03 11:42 a.m.91 views

CVE-2022-23568

CVE-2022-23568 describes an integer overflow in TensorFlow’s AddManySparseToTensorsMap, causing a CHECK-fail when constructingTensorShape objects. The issue arises from insufficient validation of input tensor shapes and constructing large TensorShape with user-provided dimensions, enabling a deni...

6.5CVSS6.7AI score0.008EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/03 11:42 a.m.11 views

CVE-2022-23568 Integer overflows in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow which results in a CHECK-fail when building new TensorShape objects so, an assert failure based denial of service. We are missing some validation on the...

6.5CVSS6.5AI score0.008EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2022/02/03 11:42 a.m.2 views

CVE-2022-23568

Tensorflow is an Open Source Machine Learning Framework. The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow which results in a CHECK-fail when building new TensorShape objects so, an assert failure based denial of service. We are missing some validation on the...

6.5CVSS7.2AI score0.008EPSS
Exploits1
CVE
CVE
added 2022/02/03 11:37 a.m.110 views

CVE-2022-21731

Technical details are not publicly available in the provided Connected documents. The Initial Description mentions a TensorFlow shape-inference vulnerability but does not specify affected products/versions beyond general references. Monitor for updates and official advisories for precise impact a...

6.5CVSS6.4AI score0.00845EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/02/03 11:37 a.m.31 views

CVE-2022-21731 Type confusion leading to segfault in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ConcatV2 can be used to trigger a denial of service attack via a segfault caused by a type confusion. The axis argument is translated into concatdim in the ConcatShapeHelper helper function. Then, a...

6.5CVSS6.6AI score0.00845EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2022/02/03 11:37 a.m.11 views

CVE-2022-21731 Type confusion leading to segfault in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ConcatV2 can be used to trigger a denial of service attack via a segfault caused by a type confusion. The axis argument is translated into concatdim in the ConcatShapeHelper helper function. Then, a...

6.5CVSS6.3AI score0.00845EPSS
Exploits1References4
OSV
OSV
added 2022/02/03 11:37 a.m.26 views

CVE-2022-21731 Type confusion leading to segfault in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ConcatV2 can be used to trigger a denial of service attack via a segfault caused by a type confusion. The axis argument is translated into concatdim in the ConcatShapeHelper helper function. Then, a...

6.5CVSS6.3AI score0.00845EPSS
Exploits1References6
Cvelist
Cvelist
added 2022/02/03 11:28 a.m.35 views

CVE-2022-21733 Memory exhaustion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

4.3CVSS6.6AI score0.00821EPSS
Exploits1References3
CVE
CVE
added 2022/02/03 11:28 a.m.88 views

CVE-2022-21733

TensorFlow StringNGrams vulnerability CVE-2022-21733 causes memory exhaustion (OOM) due to missing validation of pad_width, which can result in a negative ngram_width used during output allocation. Affects TensorFlow/StringNGrams path in multiple TF versions; remediation is to upgrade to TensorFl...

6.5CVSS5.5AI score0.00821EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/03 11:28 a.m.5 views

CVE-2022-21733 Memory exhaustion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

4.3CVSS6.4AI score0.00821EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2022/02/03 11:28 a.m.2 views

CVE-2022-21733

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

6.5CVSS6.9AI score0.00821EPSS
Exploits1
OSV
OSV
added 2022/02/03 11:28 a.m.15 views

CVE-2022-21733 Memory exhaustion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...

4.3CVSS6.3AI score0.00821EPSS
Exploits1References5
OSV
OSV
added 2022/02/03 11:21 a.m.18 views

CVE-2022-21732 Memory exhaustion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of ThreadPoolHandle can be used to trigger a denial of service attack by allocating too much memory. This is because the numthreads argument is only checked to not be negative, but there is no upper bound on its value. Th...

4.3CVSS6.3AI score0.00765EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/02/03 11:21 a.m.34 views

CVE-2022-21732 Memory exhaustion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of ThreadPoolHandle can be used to trigger a denial of service attack by allocating too much memory. This is because the numthreads argument is only checked to not be negative, but there is no upper bound on its value. Th...

4.3CVSS6.5AI score0.00765EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/02/03 11:21 a.m.9 views

CVE-2022-21732 Memory exhaustion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of ThreadPoolHandle can be used to trigger a denial of service attack by allocating too much memory. This is because the numthreads argument is only checked to not be negative, but there is no upper bound on its value. Th...

4.3CVSS6.3AI score0.00765EPSS
Exploits1References3
CVE
CVE
added 2022/02/03 11:21 a.m.126 views

CVE-2022-21732

CVE-2022-21732 affects TensorFlow’s ThreadPoolHandle. The vulnerability stems from allowing an unbounded num_threads value (only checked to be non-negative), enabling memory exhaustion and a potential denial-of-service. A fix is available in TensorFlow 2.8.0, with cherry-picks to 2.7.1, 2.6.3 and...

6.5CVSS5.3AI score0.00765EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2022/02/03 11:21 a.m.4 views

CVE-2022-21732

Tensorflow is an Open Source Machine Learning Framework. The implementation of ThreadPoolHandle can be used to trigger a denial of service attack by allocating too much memory. This is because the numthreads argument is only checked to not be negative, but there is no upper bound on its value. Th...

6.5CVSS6.7AI score0.00765EPSS
Exploits1
Rows per page
Query Builder