pycnet-audio (>=0.5.1 <=0.5.8) potentially affected by CVE-2021-29607 via tensorflow-cpu (=2.2.0)

tensorflow-cpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - pycnet-audio =0.5.1, =0.5.8 Source cves: CVE-2021-29607 Source advisory: OSV:GHSA-GV26-JPJ9-C8GQ...

c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-29607 via tensorflow-cpu (=2.3.1)

tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-29607 Source advisory: OSV:GHSA-GV26-JPJ9-C8GQ...

complaintclassify (=0.0.9) potentially affected by CVE-2021-29607 via tensorflow-cpu (=2.4.0)

tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-29607 Source advisory: OSV:GHSA-GV26-JPJ9-C8GQ...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +160 more potentially affected by CVE-2021-29607 via tensorflow-gpu (>=1.10.1 <=2.1.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2021-29607 Source advisory: OSV:GHSA-GV26-JPJ9-C8GQ...

deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-29607 via tensorflow-gpu (>=2.3.0 <=2.3.2)

tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-29607 Source advisory: OSV:GHSA-GV26-JPJ9-C8GQ...

brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +3 more potentially affected by CVE-2021-29607 via tensorflow-gpu (>=2.4.0 <=2.4.1)

tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-29607 Source advisory: OSV:GHSA-GV26-JPJ9-C8GQ...

aiproteomics (=0.2.1), alpharing (>=1.0.0 <=2.0.0) +26 more potentially affected by CVE-2021-29607 via tensorflow-cpu (>=1.15.0 <=2.1.0)

tensorflow-cpu PYPI version =1.15.0, =1.0.0, =0.0.1, =1.0.0.4, =0.1.0, =0.2.3, =0.0.5, =0.1.2, =1.0.0, =1.8.2, =1.6.1, =1.8.3 - netfl =1.5.0 and more Source cves: CVE-2021-29607 Source advisory: OSV:GHSA-GV26-JPJ9-C8GQ...

a2grunnerp (>=0.1.0 <=0.1.8), abba-python (>=0.1.6 <=0.3.0) +1361 more potentially affected by CVE-2021-29607 via tensorflow (>=1.0.1 <=2.1.2)

tensorflow PYPI version =1.0.1, =0.1.0, =0.1.6, =0.0.6, =0.1.0, =0.0.1, =1.1.2, =0.0.1, =2.0.0, =0.3.26, =0.2.1, =7.13.1, =0.0.1, =0.0.2 and more Source cves: CVE-2021-29607 Source advisory: OSV:GHSA-GV26-JPJ9-C8GQ...

accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +88 more potentially affected by CVE-2021-29607 via tensorflow (>=2.2.0 <=2.2.2)

tensorflow PYPI version =2.2.0, =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2021-29607 Source advisory: OSV:GHSA-GV26-JPJ9-C8GQ...

d3m-simon (=1.2.5), easyquake (>=1.3.0 <=1.4.0) potentially affected by CVE-2021-29607 via tensorflow-gpu (=2.2.0)

tensorflow-gpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - d3m-simon =1.2.5 - easyquake =1.3.0, =1.4.0 Source cves: CVE-2021-29607 Source advisory: OSV:GHSA-GV26-JPJ9-C8GQ...

Incomplete validation in `SparseSparseMinimum`

Impact Incomplete validation in SparseAdd results in allowing attackers to exploit undefined behavior dereferencing null pointers as well as write outside of bounds of heap allocated data: python import tensorflow as tf aindices = tf.ones45, 92, dtype=tf.int64 avalues = tf.ones45, dtype=tf.int64...

Security Bulletin: Multiple vulnerabilities fixed in IBM Maximo Application Suite Monitor

Summary IBM Maximo Application Suite Monitor is vulnerable to Multiple vulnerabilities. See Vulnerability Details. This has been addressed in each of the components; refer to the Remediation section for details. Vulnerability Details CVEID: CVE-2020-15265 DESCRIPTION: Tensorflow is vulnerable to ...

Tensorflow Denial of Service Vulnerability (CNVD-2022-31833)

Tensorflow is an open source machine learning framework. a denial-of-access vulnerability exists in TensorFlow, which can be exploited by attackers to launch a denial-of-service attack against a target...

Google Tensorflow Denial of Service Vulnerability (CNVD-2022-13928)

TensorFlow is an end-to-end open source machine learning platform. It has a comprehensive and flexible ecosystem of tools, libraries, and community resources that help researchers push the boundaries of advanced machine learning techniques and enable developers to easily build and deploy...

Google TensorFlow Input Validation Error Vulnerability (CNVD-2022-14990)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google Tensorflow suffers from an input validation error vulnerability that stems from a lack of validation of the input tensor shape, which could be exploited to launch a denial-of-service attack...

Google TensorFlow code issue vulnerability (CNVD-2022-14996)

Google TensorFlow is an end-to-end open source platform for machine learning from Google Google. Google Tensorflow is vulnerable to a code issue that stems from an undefined behavior in the QuantizedMaxPool implementation, where user-controlled input can trigger a reference binding to a null...

Google TensorFlow Input Validation Error Vulnerability (CNVD-2022-14991)

TensorFlow is an end-to-end open source platform for machine learning from Google. Google TensorFlow is vulnerable to an input validation error that could be exploited by an attacker to crash the system...

Google TensorFlow numeric error vulnerability (CNVD-2022-14992)

TensorFlow is an end-to-end open source platform for machine learning from Google USA. Google TensorFlow is vulnerable to a numeric error vulnerability that could be exploited by an attacker to craft a TFLite model that would trigger a division by zero in a deep convolutional implementation...

Google TensorFlow numeric error vulnerability (CNVD-2022-14993)

TensorFlow is an end-to-end open source platform for machine learning from Google. Google TensorFlow is vulnerable to a numerical error that results from the fact that the cost estimator of certain convolution operations can be used to perform an operation divided by zero, and the function fails ...

Google TensorFlow has an unspecified vulnerability (CNVD-2022-14995)

TensorFlow is an end-to-end open-source platform for machine learning from Google. Google TensorFlow has a security vulnerability that can be exploited by attackers to cause a denial of service...