CVE-2020-15196
In Tensorflow version 2.3.0, the SparseCountSparseOutput and RaggedCountSparseOutput implementations don't validate that the weights tensor has the same shape as the data. The check exists for DenseCountSparseOutput, where both tensors are fully specified. In the sparse and ragged count weights a...
CVE-2020-15197 Denial of Service in Tensorflow
In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has rank 2. This tensor must be a matrix because code assumes its elements are access...
CVE-2020-15197
TensorFlow prior to 2.3.1 is affected by CVE-2020-15197 due to a validation gap in SparseCountSparseOutput: the indices tensor is not checked to be rank 2, though code treats it as a matrix. This can allow crafted input sparse tensors to cause a CHECK failure and crash, enabling denial of service...
CVE-2020-15198 Heap buffer overflow in Tensorflow
In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has the same shape as the values one. The values in these tensors are always accessed...
CVE-2020-15198
CVE-2020-15198 affects TensorFlow up to 2.3.0: SparseCountSparseOutput may access heap buffers out of bounds due to missing validation that indices and values shapes match in a sparse tensor. This root cause enables a heap buffer overflow in pre-2.3.1 builds. A fix was committed (3cbb917b47147660...
CVE-2020-15199 Denial of Service in Tensorflow
In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data...
CVE-2020-15199
Summary: TensorFlow prior to 2.3.1 contains a bug in RaggedCountSparseOutput where input ragged tensors are not validated for proper splits; an empty or single-element splits can trigger a SIGABRT due to an initialization bound. Root cause: lack of validation in RaggedCountSparseOutput when formi...
CVE-2020-15200 Segfault in Tensorflow
In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the code sets ...
CVE-2020-15200
CVE-2020-15200 affects TensorFlow before 2.3.1. The RaggedCountSparseOutput path does not validate that the input ragged tensor is well-formed, specifically not validating that the splits form a valid partition of values. This can set up conditions that lead to a heap-based buffer overflow and, i...
CVE-2020-15190 Segfault in Tensorflow
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the tf.raw_ops.Switch operation takes as input a tensor and a boolean and outputs two tensors. Depending on the boolean value, one of the tensors is exactly the input tensor whereas the other one should be an empty tensor. Howeve...
CVE-2020-15190
TensorFlow CVE-2020-15190 is a vulnerability in tf.raw_ops.Switch where, in eager mode, the runtime binds a reference to a nullptr when one of the two outputs is undefined. This causes undefined behavior and can segfault when compiled with -fsanitize=null. The issue affects TensorFlow versions 1....
adapt-diagnostics (=1.2.0), adversarial-friend (=1.1.8) +64 more potentially affected by CVE-2020-15212 via tensorflow (=2.3.0)
tensorflow PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - adapt-diagnostics =1.2.0 - adversarial-friend =1.1.8 - aliby-baby =0.1.0, =0.0.1a0, =0.0.1, =1.0.1.0, =0.1.0, =2.0.0, =0.1.0, =0.0.17, =0.1...
tensorflowjs (>=1.5.2 <=1.7.4) potentially affected by CVE-2020-15210 via tensorflow-cpu (=2.1.0)
tensorflow-cpu PYPI version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - tensorflowjs =1.5.2, =1.7.4 Source cves: CVE-2020-15210 Source advisory: OSV:GHSA-X9J7-X98R-R4W2...
adapt-diagnostics (=1.2.0), adversarial-friend (=1.1.8) +64 more potentially affected by CVE-2020-15211 via tensorflow (=2.3.0)
tensorflow PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - adapt-diagnostics =1.2.0 - adversarial-friend =1.1.8 - aliby-baby =0.1.0, =0.0.1a0, =0.0.1, =1.0.1.0, =0.1.0, =2.0.0, =0.1.0, =0.0.17, =0.1...
ai4bharat-transliteration (>=1.1.0 <=1.1.3), aipack (>=0.0.1 <=0.0.5) +52 more potentially affected by CVE-2020-15211 via tensorflow (>=2.0.0 <=2.0.1)
tensorflow PYPI version =2.0.0, =1.1.0, =0.0.1, =0.1.3.2, =0.2.6, =0.2.0, =0.0.2, =1.0.0.1, =0.0.1, =1.0.4, =0.6.0.post3, =0.1.3, =1.0.0, =1.0.1 and more Source cves: CVE-2020-15211 Source advisory: OSV:GHSA-CVPC-8PHH-8F45...
abba-python (>=0.1.6 <=0.3.0), adpred (>=1.1.2 <=1.2.7) +233 more potentially affected by CVE-2020-15209 via tensorflow (>=1.0.1 <=1.15.3)
tensorflow PYPI version =1.0.1, =0.1.6, =1.1.2, =0.0.1, =0.3.26, =0.2.0, =0.4.2, =0.1.1, =0.1.5 - autobazaar =0.1.0 - autogan =0.0.5 - automationobjectdetection-sandeepjena7 =0.0.1 - automl-lib =0.0.1 and more Source cves: CVE-2020-15209 Source advisory: OSV:GHSA-QH32-6JJC-QPRM...
Null pointer dereference in tensorflow-lite
Impact: A crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one. The runtime assumes that these buffers are written to before a...
accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +82 more potentially affected by CVE-2020-15208 via tensorflow (=2.2.0)
tensorflow PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - accuinsight =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2020-15208 Source advisory...
Data corruption in tensorflow-lite
Impact: When determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside of debug compilation modes: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/internal/types.h#L437-L442 Since the function...