Lucene search
K

14315 matches found

Vulnrichment
Vulnrichment
added 2022/02/03 11:1 a.m.7 views

CVE-2022-21726 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of Dequantize does not fully validate the value of axis and can result in heap OOB accesses. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of...

8.1CVSS8.8AI score0.00818EPSS
Exploits1References3
CVE
CVE
added 2022/02/03 11:1 a.m.98 views

CVE-2022-21726

TensorFlow CVE-2022-21726 affects the Dequantize path, where axis validation is insufficient and can cause heap-out-of-bounds reads. The issue arises when axis is -1 (default) or any large positive value not checked against input dimensions, reading past the dimensions array. A fix is planned for...

8.8CVSS8.4AI score0.00818EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/02/03 11:1 a.m.27 views

CVE-2022-21726 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of Dequantize does not fully validate the value of axis and can result in heap OOB accesses. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of...

8.1CVSS9.1AI score0.00818EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2022/02/03 11:1 a.m.5 views

CVE-2022-21726

Tensorflow is an Open Source Machine Learning Framework. The implementation of Dequantize does not fully validate the value of axis and can result in heap OOB accesses. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of...

8.8CVSS7AI score0.00818EPSS
Exploits1
OSV
OSV
added 2022/02/03 11:1 a.m.26 views

CVE-2022-21726 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of Dequantize does not fully validate the value of axis and can result in heap OOB accesses. The axis argument can be -1 the default value for the optional argument or any other positive value at most the number of...

8.1CVSS8.7AI score0.00818EPSS
Exploits1References5
CVE
CVE
added 2022/02/03 10:55 a.m.119 views

CVE-2022-21728

CVE-2022-21728 affects TensorFlow: ReverseSequence shape-inference can yield a heap-based out-of-bounds read because batch_dim is checked for being too large but not for negative values. The mitigation path is a forthcoming fix in TensorFlow 2.8.0, with cherry-picks into 2.7.1, 2.6.3, and 2.5.3. ...

8.1CVSS8AI score0.01125EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/02/03 10:55 a.m.33 views

CVE-2022-21728 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

8.1CVSS8.3AI score0.01125EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2022/02/03 10:55 a.m.9 views

CVE-2022-21728 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

8.1CVSS8.1AI score0.01125EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2022/02/03 10:55 a.m.4 views

CVE-2022-21728

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

8.1CVSS6.9AI score0.01125EPSS
Exploits1
OSV
OSV
added 2022/02/03 10:55 a.m.23 views

CVE-2022-21728 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

8.1CVSS7.9AI score0.01125EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2022/02/03 10:48 a.m.6 views

CVE-2022-21730 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalAvgPoolGrad does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this...

8.1CVSS8AI score0.00815EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/02/03 10:48 a.m.25 views

CVE-2022-21730 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalAvgPoolGrad does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this...

8.1CVSS8.2AI score0.00815EPSS
Exploits1References3
CVE
CVE
added 2022/02/03 10:48 a.m.96 views

CVE-2022-21730

Summary: CVE-2022-21730 describes an out-of-bounds read in TensorFlow’s FractionalAvgPoolGrad due to invalid input handling. This affects TensorFlow releases prior to the fixed patch and is resolved by the fix in TensorFlow 2.8.0, with cherry-picks to 2.7.1, 2.6.3, and 2.5.3. Affected component: ...

8.1CVSS7.9AI score0.00815EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2022/02/03 10:48 a.m.2 views

CVE-2022-21730

Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalAvgPoolGrad does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this...

8.1CVSS6.9AI score0.00815EPSS
Exploits1
OSV
OSV
added 2022/02/03 10:48 a.m.19 views

CVE-2022-21730 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalAvgPoolGrad does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this...

8.1CVSS7.8AI score0.00815EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/02/03 12:0 a.m.4 views

Google TensorFlow 缓冲区错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google USA. Google Tensorflow suffers from a buffer overflow vulnerability that stems from the fact that the implementation of FractionalAvgPoolGrad does not account for invalid input tensor, which can be exploited ...

8.1CVSS6.1AI score0.00815EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/02/03 12:0 a.m.5 views

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google USA. Google Tensorflow is vulnerable to an input validation error, which can be exploited by attackers to cause a denial of service...

6.5CVSS5.6AI score0.00821EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/02/03 12:0 a.m.5 views

PT-2022-16085 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This issue is...

7.1CVSS6.3AI score0.00458EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2022/02/03 12:0 a.m.4 views

PT-2022-15081 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: The implementation of SparseCountSparseOutput in TensorFlow is vulnerable to a heap overflow. This issue can be exploited using the...

8.8CVSS8.5AI score0.00788EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2022/02/03 12:0 a.m.4 views

PT-2022-16083 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The implementations of SparseCwise ops in TensorFlow are vulnerable to integer...

7.1CVSS6.2AI score0.01097EPSS
Exploits1References17
Rows per page
Query Builder