125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4847 more potentially affected by CVE-2022-21726 via tensorflow (>=1.0.1 <=2.5.2)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-21726 Source advisory: OSV:GHSA-23HM-7W47-XW72...

alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-21726 via tensorflow (>=2.6.0 <=2.6.2)

tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-21726 Source advisory: OSV:GHSA-23HM-7W47-XW72...

aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +38 more potentially affected by CVE-2022-21726 via tensorflow (>=2.7.0 <=2.7.0rc1)

tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-21726 Source advisory: OSV:GHSA-23HM-7W47-XW72...

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +97 more potentially affected by CVE-2022-21726 via tensorflow-cpu (>=1.15.0 <=2.4.4)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-21726 Source advisory: OSV:GHSA-23HM-7W47-XW72...

lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-21726 via tensorflow-cpu (=2.7.0)

tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-21726 Source advisory: OSV:GHSA-23HM-7W47-XW72...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +170 more potentially affected by CVE-2022-21726 via tensorflow-gpu (>=1.10.1 <=2.5.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-21726 Source advisory: OSV:GHSA-23HM-7W47-XW72...

animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-21726 via tensorflow-gpu (>=2.6.0 <=2.6.2)

tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-21726 Source advisory: OSV:GHSA-23HM-7W47-XW72...

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-21726 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-21726 Source advisory:...

Out of bounds read in Tensorflow

Impact The implementation of Dequantize does not fully validate the value of axis and can result in heap OOB accesses: python import tensorflow as tf @tf.function def test: y = tf.rawops.Dequantize input=tf.constant1,1,dtype=tf.qint32, minrange=1.0, maxrange=10.0, mode='MINCOMBINED',...

Google Tensorflow Input Validation Error Vulnerability (CNVD-2022-09897)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, U.S. Google TensorFlow is vulnerable to an input validation error that could be exploited by an attacker to create an operation containing a tensor with enough elements to cause an integer overflow...

Google Tensorflow Input Validation Error Vulnerability (CNVD-2022-09878)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google Tensorflow is vulnerable to an input validation error that could be exploited by an attacker to build a TFLite model that would result in an integer overflow in TfLiteIntArrayCreate...

Google Tensorflow code issue vulnerability (CNVD-2022-09892)

Google TensorFlow is an end-to-end open-source platform for machine learning from Google, a U.S. company. Google TensorFlow is vulnerable to a code issue that could be exploited by an attacker to cause a crash...

Google Tensorflow has an unspecified vulnerability (CNVD-2022-09894)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which stems from the er optimizer in TensorFlow that can cause a denial of service by modifying the SavedModel so that issimplifiableshape will...

Google Tensorflow has an unspecified vulnerability (CNVD-2022-09890)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which stems from TensorFlow's use of tempfile.mktemp to create temporary files. No detailed vulnerability details are available...

Google Tensorflow code issue vulnerability (CNVD-2022-09885)

Google TensorFlow is an end-to-end open source platform for machine learning from Google USA. Google TensorFlow is vulnerable to a code issue that stems from the fact that TensorFlow may fail to specialize types during shape inference. No detailed vulnerability details are currently available...

Google Tensorflow Buffer Overflow Vulnerability (CNVD-2022-09884)

Google TensorFlow is an end-to-end open source platform for machine learning from Google Google. Google Tensorflow is vulnerable to a buffer overflow vulnerability that could be exploited by an attacker to build a TFLite model that allows limited reads and writes to the outside of arrays in TFLit...

Google Tensorflow has an unspecified vulnerability (CNVD-2022-09881)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, a U.S. company. Google Tensorflow has a security vulnerability that could be exploited by attackers to cause a memory leak...

Google Tensorflow Resource Management Error Vulnerability (CNVD-2022-09858)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a resource management error vulnerability that can be exploited by an attacker to cause use-after-release behavior when decoding PNG images...

Google Tensorflow has an unspecified vulnerability (CNVD-2022-09882)

Google TensorFlow is an end-to-end open source platform for machine learning from Google. Google Tensorflow has a security vulnerability that could be exploited to cause a denial of service by modifying SavedModel to trigger a CHECK failure...

Google Tensorflow code issue vulnerability (CNVD-2022-09867)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a code issue vulnerability that stems from TensorFlow triggering null pointer dereferences if default settings are used when building the XLA compilation cache. No...