CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

vulnersOsv•added 2022/11/21 8:40 p.m.•4 views

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +98 more potentially affected by CVE-2022-41885 via tensorflow-cpu (>=1.15.0 <=2.7.0)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-41885 Source advisory: OSV:GHSA-762H-VPVW-3RCX...

vulnersOsv•added 2022/11/21 8:40 p.m.•5 views

aliby (>=0.1.18 <=0.1.55), aliby-baby (>=0.1.11 <=0.1.17) +29 more potentially affected by CVE-2022-41885 via tensorflow (>=2.9.0 <=2.9.0rc2)

tensorflow PYPI version =2.9.0, =0.1.18, =0.1.11, =0.30.0, =0.0.0, =1.3.0, =0.3.0, =1.0.1, =1.2.0, =0.0.6, =1.0.12, =0.1.0, =0.1.1 and more Source cves: CVE-2022-41885 Source advisory: OSV:GHSA-762H-VPVW-3RCX...

Github Security Blog•added 2022/11/21 8:40 p.m.•26 views

Overflow in `FusedResizeAndPadConv2D`

Impact When tf.rawops.FusedResizeAndPadConv2D is given a large tensor shape, it overflows. python import tensorflow as tf mode = "REFLECT" strides = 1, 1, 1, 1 padding = "SAME" resizealigncorners = False input = tf.constant147, shape=3,3,1,1, dtype=tf.float16 size =...

7.5CVSS7.2AI score0.0043EPSS

Exploits1References5Affected Software3

vulnersOsv•added 2022/11/21 8:40 p.m.•4 views

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-41885 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-41885 Source advisory: OSV:GHSA-762H-VPVW-3RCX...

vulnersOsv•added 2022/11/21 8:40 p.m.•10 views

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +183 more potentially affected by CVE-2022-41885 via tensorflow-gpu (>=1.10.1 <=2.7.2)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-41885 Source advisory: OSV:GHSA-762H-VPVW-3RCX...

vulnersOsv•added 2022/11/21 8:40 p.m.•4 views

clip-jax (=0.0.5) potentially affected by CVE-2022-41885 via tensorflow-cpu (=2.9.0)

tensorflow-cpu PYPI version =2.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - clip-jax =0.0.5 Source cves: CVE-2022-41885 Source advisory: OSV:GHSA-762H-VPVW-3RCX...

vulnersOsv•added 2022/11/21 8:39 p.m.•3 views

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4934 more potentially affected by CVE-2022-41884 via tensorflow (>=1.0.1 <=2.8.3)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.5.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-41884 Source advisory: OSV:GHSA-JQ6X-99HJ-Q636...

7.5CVSS7.2AI score0.0033EPSS

clip-jax (=0.0.5), sdeper (>=1.1.0 <=1.6.1) potentially affected by CVE-2022-41884 via tensorflow-cpu (>=2.9.0 <=2.9.1)

tensorflow-cpu PYPI version =2.9.0, =1.1.0, =1.6.1 Source cves: CVE-2022-41884 Source advisory: OSV:GHSA-JQ6X-99HJ-Q636...

Github Security Blog•added 2022/11/21 8:39 p.m.•33 views

Seg fault in `ndarray_tensor_bridge` due to zero and large inputs

Impact If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. E.g. the following raises an error: python np.ones0, 231, 231 An example of a proof of concept: python import numpy as np import tensorflow as tf inputval =...

7.5CVSS7.5AI score0.0033EPSS

Exploits1References4Affected Software3

aggmap (>=1.1.1 <=1.2.1), molmap (>=1.3.1 <=1.4.0) potentially affected by CVE-2022-41884 via tensorflow-gpu (=2.9.1)

tensorflow-gpu PYPI version =2.9.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - aggmap =1.1.1, =1.3.1, =1.4.0 Source cves: CVE-2022-41884 Source advisory: OSV:GHSA-JQ6X-99HJ-Q636...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +188 more potentially affected by CVE-2022-41884 via tensorflow-gpu (>=1.10.1 <=2.8.3)

vulnersOsv•added 2022/11/21 8:39 p.m.•2 views

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +98 more potentially affected by CVE-2022-41884 via tensorflow-cpu (>=1.15.0 <=2.7.4)

OSV•added 2022/11/21 8:39 p.m.•3 views

GHSA-JQ6X-99HJ-Q636 Seg fault in `ndarray_tensor_bridge` due to zero and large inputs

4.8CVSS7AI score0.0033EPSS

Exploits1References4

aimodelshare (>=0.0.157 <=0.1.0), aliby (>=0.1.18 <=0.1.55) +69 more potentially affected by CVE-2022-41884 via tensorflow (>=2.9.0 <=2.9.2)

tensorflow PYPI version =2.9.0, =0.0.157, =0.1.18, =0.1.11, =0.30.0, =0.2.6, =0.0.1, =1.0.0, =0.0.0, =4.8.2, =0.9.0, =0.99.1 - cvt-tensorflow =1.1.4 and more Source cves: CVE-2022-41884 Source advisory: OSV:GHSA-JQ6X-99HJ-Q636...

Github Security Blog•added 2022/11/21 8:39 p.m.•31 views

Out of bounds segmentation fault due to unequal op inputs in Tensorflow

Impact tf.rawops.DynamicStitch specifies input sizes when it is registered. cpp REGISTEROP"DynamicStitch" .Input"indices: N int32" .Input"data: N T" .Output"merged: T" .Attr"N : int = 1" .Attr"T : type" .SetShapeFnDynamicStitchShapeFunction; When it receives a differing number of inputs, such as...

7.5CVSS7.5AI score0.0035EPSS

Exploits1References6Affected Software3

OSV•added 2022/11/21 8:39 p.m.•2 views

GHSA-W58W-79XV-6VCJ Out of bounds segmentation fault due to unequal op inputs in Tensorflow

6.8CVSS7AI score0.0035EPSS

Exploits1References6

Veracode•added 2022/11/21 11:51 a.m.•23 views

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. The vulnerability exists in the FusedResizeAndPadConv2D function of nnops.cc due to improper buffer size checking which allows an attacker to cause an application crash by providing malicious input...