14326 matches found
TensorFlow vulnerable to OOB write in `scatter_nd` in TF Lite
Impact: The ScatterNd function takes an input argument that determines the indices of the output tensor. An input index greater than the output tensor or less than zero will either write content at the wrong index or trigger a crash. Patches: We have patched the issue in GitHub commit...
GHSA-FFJM-4QWC-7CMF TensorFlow vulnerable to OOB write in `scatter_nd` in TF Lite
Impact: The ScatterNd function takes an input argument that determines the indices of the output tensor. An input index greater than the output tensor or less than zero will either write content at the wrong index or trigger a crash. Patches: We have patched the issue in GitHub commit...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4899 more potentially affected by CVE-2022-35937 via tensorflow (>=1.0.1 <=2.7.1)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.5.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-35937 Source advisory: OSV:GHSA-PXRW-J2FV-HX3H...
acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35937 via tensorflow (>=2.8.0 <=2.8.0rc1)
tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35937 Source advisory: OSV:GHSA-PXRW-J2FV-HX3H...
aliby (>=0.1.18 <=0.1.55), aliby-baby (>=0.1.11 <=0.1.17) +29 more potentially affected by CVE-2022-35937 via tensorflow (>=2.9.0 <=2.9.0rc2)
tensorflow PYPI version =2.9.0, =0.1.18, =0.1.11, =0.30.0, =0.0.0, =1.3.0, =0.3.0, =1.0.1, =1.2.0, =0.0.6, =1.0.12, =0.1.0, =0.1.1 and more Source cves: CVE-2022-35937 Source advisory: OSV:GHSA-PXRW-J2FV-HX3H...
a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +98 more potentially affected by CVE-2022-35937 via tensorflow-cpu (>=1.15.0 <=2.7.0)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-35937 Source advisory: OSV:GHSA-PXRW-J2FV-HX3H...
clip-jax (=0.0.5) potentially affected by CVE-2022-35937 via tensorflow-cpu (=2.9.0)
tensorflow-cpu PYPI version =2.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - clip-jax =0.0.5 Source cves: CVE-2022-35937 Source advisory: OSV:GHSA-PXRW-J2FV-HX3H...
animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +182 more potentially affected by CVE-2022-35937 via tensorflow-gpu (>=1.10.1 <=2.7.0)
tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-35937 Source advisory: OSV:GHSA-PXRW-J2FV-HX3H...
causalegm (>=0.2.1 <=0.2.5), chrombpnet (>=0.1.0 <=0.1.2) +3 more potentially affected by CVE-2022-35937 via tensorflow-gpu (=2.8.0)
tensorflow-gpu PYPI version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - causalegm =0.2.1, =0.1.0, =0.0.6, =2.3.5, =2.4.1 - tlaunch =0.0.2 Source cves: CVE-2022-35937 Source advisory: OSV:GHSA-PXRW-J2FV-H...
TensorFlow vulnerable to OOB read in `Gather_nd` in TF Lite
Impact: The GatherNd function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read is triggered. Patches: We have patched the issue in GitHub commit...
GHSA-PXRW-J2FV-HX3H TensorFlow vulnerable to OOB read in `Gather_nd` in TF Lite
Impact: The GatherNd function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read is triggered. Patches: We have patched the issue in GitHub commit...
CVE-2022-35972 Segfault in `QuantizedBiasAdd` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedBiasAdd is given min_input, max_input, min_bias, max_bias tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35972
TensorFlow CVE-2022-35972 concerns a segfault in QuantizedBiasAdd when given min_input, max_input, min_bias, max_bias with a nonzero rank, leading to a denial of service. A patch was applied in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0, with the fix slated for TensorFlow 2.10.0. The ...
CVE-2022-35972
TensorFlow is an open source platform for machine learning. If QuantizedBiasAdd is given min_input, max_input, min_bias, max_bias tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35973
CVE-2022-35973 affects TensorFlow and is caused when QuantizedMatMul receives nonscalar inputs for min_a, max_a, min_b, or max_b, leading to a segfault that can trigger a denial of service. The fix was implemented in a GitHub commit (aca766ac7693bf29ed0df55ad6bfcc78f35e7f48) and will be included ...
CVE-2022-35973 Segfault in `QuantizedMatMul` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedMatMul is given nonscalar input for min_a, max_a, min_b, or max_b, it gives a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit aca766ac7693bf29ed0df55ad6bfcc78f35e7f48. T...