14324 matches found
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4847 more potentially affected by CVE-2022-23574 via tensorflow (>=1.0.1 <=2.5.2)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-23574 Source advisory: OSV:GHSA-77GP-3H4R-6428...
alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-23574 via tensorflow (>=2.6.0 <=2.6.2)
tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-23574 Source advisory: OSV:GHSA-77GP-3H4R-6428...
a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +97 more potentially affected by CVE-2022-23574 via tensorflow-cpu (>=1.15.0 <=2.4.4)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-23574 Source advisory: OSV:GHSA-77GP-3H4R-6428...
lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-23574 via tensorflow-cpu (=2.7.0)
tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-23574 Source advisory: OSV:GHSA-77GP-3H4R-6428...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +170 more potentially affected by CVE-2022-23574 via tensorflow-gpu (>=1.10.1 <=2.5.1)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-23574 Source advisory: OSV:GHSA-77GP-3H4R-6428...
animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-23574 via tensorflow-gpu (>=2.6.0 <=2.6.2)
tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-23574 Source advisory: OSV:GHSA-77GP-3H4R-6428...
rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-23574 via tensorflow-gpu (=2.7.0)
tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-23574 Source advisory:...
aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +38 more potentially affected by CVE-2022-23574 via tensorflow (>=2.7.0 <=2.7.0rc1)
tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-23574 Source advisory: OSV:GHSA-77GP-3H4R-6428...
GHSA-77GP-3H4R-6428 Out of bounds read and write in Tensorflow
Impact There is a typo in TensorFlow's SpecializeType which results in heap OOB read/write: cc for int i = 0; i argssize; j++ auto arg = t-mutableargsi; // ... Due to a typo, arg is initialized to the ith mutable argument in a loop where the loop index is j. Hence it is possible to assign to arg...
Out of bounds read and write in Tensorflow
Impact There is a typo in TensorFlow's SpecializeType which results in heap OOB read/write: cc for int i = 0; i argssize; j++ auto arg = t-mutableargsi; // ... Due to a typo, arg is initialized to the ith mutable argument in a loop where the loop index is j. Hence it is possible to assign to arg...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4847 more potentially affected by CVE-2022-21730 via tensorflow (>=1.0.1 <=2.5.2)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-21730 Source advisory: OSV:GHSA-VJG4-V33C-GGC4...
alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-21730 via tensorflow (>=2.6.0 <=2.6.2)
tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-21730 Source advisory: OSV:GHSA-VJG4-V33C-GGC4...
aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +38 more potentially affected by CVE-2022-21730 via tensorflow (>=2.7.0 <=2.7.0rc1)
tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-21730 Source advisory: OSV:GHSA-VJG4-V33C-GGC4...
a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +97 more potentially affected by CVE-2022-21730 via tensorflow-cpu (>=1.15.0 <=2.4.4)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-21730 Source advisory: OSV:GHSA-VJG4-V33C-GGC4...
lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-21730 via tensorflow-cpu (=2.7.0)
tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-21730 Source advisory: OSV:GHSA-VJG4-V33C-GGC4...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +170 more potentially affected by CVE-2022-21730 via tensorflow-gpu (>=1.10.1 <=2.5.1)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-21730 Source advisory: OSV:GHSA-VJG4-V33C-GGC4...
animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-21730 via tensorflow-gpu (>=2.6.0 <=2.6.2)
tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-21730 Source advisory: OSV:GHSA-VJG4-V33C-GGC4...
rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-21730 via tensorflow-gpu (=2.7.0)
tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-21730 Source advisory:...
GHSA-VJG4-V33C-GGC4 Out of bounds read in Tensorflow
Impact The implementation of FractionalAvgPoolGrad does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap: python import tensorflow as tf @tf.function def test: y = tf.rawops.FractionalAvgPoolGrad originputtensorshape=2,2,2,2,...
Out of bounds read in Tensorflow
Impact The implementation of FractionalAvgPoolGrad does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap: python import tensorflow as tf @tf.function def test: y = tf.rawops.FractionalAvgPoolGrad originputtensorshape=2,2,2,2,...