Lucene search
K

14315 matches found

vulnersOsv
vulnersOsv
added 2022/02/03 11:15 a.m.6 views

a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +102 more potentially affected by CVE-2022-21727 via tensorflow-cpu (>=1.15.0 <=2.4.4)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2022-21727 Source advisory: OSV:PYSEC-2022-51...

8.8CVSS7.2AI score0.00659EPSS
Exploits1
PyPA
PyPA
added 2022/02/03 11:15 a.m.7 views

PYSEC-2022-105

Tensorflow is an Open Source Machine Learning Framework. The implementation of Dequantize does not fully validate the value of axis and can result in heap OOB accesses. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of...

8.8CVSS7AI score0.00818EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/02/03 11:15 a.m.16 views

Design/Logic Flaw

Tensorflow is an Open Source Machine Learning Framework. The implementation of Dequantize does not fully validate the value of axis and can result in heap OOB accesses. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of...

6.5CVSS8.8AI score0.00818EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2022/02/03 11:15 a.m.5 views

PYSEC-2022-51

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for Dequantize is vulnerable to an integer overflow weakness. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of dimensions of the...

8.8CVSS7.6AI score0.00659EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2022/02/03 11:15 a.m.5 views

PYSEC-2022-109

Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalAvgPoolGrad does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this...

8.1CVSS6.9AI score0.00815EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2022/02/03 11:15 a.m.5 views

PYSEC-2022-106

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for Dequantize is vulnerable to an integer overflow weakness. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of dimensions of the...

8.8CVSS7.6AI score0.00659EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/02/03 11:15 a.m.15 views

Heap overflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

5.5CVSS8AI score0.01125EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2022/02/03 11:15 a.m.6 views

PYSEC-2022-54

Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalAvgPoolGrad does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this...

8.1CVSS6.9AI score0.00815EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2022/02/03 11:15 a.m.7 views

PYSEC-2022-107

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

8.1CVSS6.8AI score0.01125EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2022/02/03 11:15 a.m.8 views

PYSEC-2022-52

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

8.1CVSS6.8AI score0.01125EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/02/03 11:15 a.m.1 views

PYSEC-2022-109

Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalAvgPoolGrad does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this...

8.1CVSS7.1AI score0.00815EPSS
Exploits1References3
OSV
OSV
added 2022/02/03 11:15 a.m.5 views

PYSEC-2022-105

Tensorflow is an Open Source Machine Learning Framework. The implementation of Dequantize does not fully validate the value of axis and can result in heap OOB accesses. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of...

8.8CVSS5.9AI score0.00818EPSS
Exploits1References3
OSV
OSV
added 2022/02/03 11:15 a.m.17 views

PYSEC-2022-52

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

8.1CVSS1.5AI score0.01125EPSS
Exploits1References4
OSV
OSV
added 2022/02/03 11:15 a.m.17 views

PYSEC-2022-50

Tensorflow is an Open Source Machine Learning Framework. The implementation of Dequantize does not fully validate the value of axis and can result in heap OOB accesses. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of...

8.8CVSS1.5AI score0.00818EPSS
Exploits1References3
OSV
OSV
added 2022/02/03 11:15 a.m.2 views

PYSEC-2022-106

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for Dequantize is vulnerable to an integer overflow weakness. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of dimensions of the...

8.8CVSS6.1AI score0.00659EPSS
Exploits1References3
OSV
OSV
added 2022/02/03 11:7 a.m.28 views

CVE-2022-21727 Integer overflow in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for Dequantize is vulnerable to an integer overflow weakness. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of dimensions of the...

7.6CVSS8.8AI score0.00659EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/02/03 11:7 a.m.18 views

CVE-2022-21727 Integer overflow in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for Dequantize is vulnerable to an integer overflow weakness. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of dimensions of the...

7.6CVSS9.1AI score0.00659EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/02/03 11:7 a.m.8 views

CVE-2022-21727 Integer overflow in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for Dequantize is vulnerable to an integer overflow weakness. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of dimensions of the...

7.6CVSS8.9AI score0.00659EPSS
Exploits1References3
CVE
CVE
added 2022/02/03 11:7 a.m.162 views

CVE-2022-21727

CVE-2022-21727 : TensorFlow’s Dequantize shape inference is vulnerable to an integer overflow because the axis bound is not checked before computing axis+1. The fix is to be included in TensorFlow 2.8.0, with cherry-picks to 2.7.1, 2.6.3, and 2.5.3. Remediation guidance across connected sources i...

8.8CVSS8.2AI score0.00659EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2022/02/03 11:7 a.m.4 views

CVE-2022-21727

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for Dequantize is vulnerable to an integer overflow weakness. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of dimensions of the...

8.8CVSS7.5AI score0.00659EPSS
Exploits1
Rows per page
Query Builder