14326 matches found
Google TensorFlow 资源管理错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a resource management error vulnerability that can be exploited by an attacker to cause use-after-release behavior when decoding PNG images...
Google Tensorflow 代码问题漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow has a code issue vulnerability that stems from the simplifyBroadcast function in the MLIR-TFRT infrastructure in TensorFlow being prone to segmentation errors. No detailed...
Google TensorFlow 代码问题漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google USA. Google TensorFlow is vulnerable to a code issue that stems from the fact that TensorFlow may fail to specialize types during shape inference. No detailed vulnerability details are currently available...
Google Tensorflow 安全漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google. Google TensorFlow has a security vulnerability that can be exploited to cause a denial of service by modifying SavedModel so that TensorByteSize triggers a CHECK failure...
PT-2022-16110 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow version 2.8.0 Description: The simplifyBroadcast function in the MLIR-TFRT infrastructure is vulnerable to a segfault, resulting in a denial of service, when called with scalar shapes. If all shapes are scalar, the maxRank is 0,...
PT-2022-16088 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.3 TensorFlow versions prior to 2.6.3 TensorFlow versions prior to 2.7.1 TensorFlow versions prior to 2.8.0 Description: When decoding a tensor from protobuf, a TensorFlow process can encounter cases where a...
PT-2022-16101 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.0 through 2.7.0 will be fixed in 2.7.1 TensorFlow versions 2.6.0 through 2.6.2 will be fixed in 2.6.3 TensorFlow versions 2.5.0 through 2.5.2 will be fixed in 2.5.3 Description: A...
PT-2022-16073 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: An attacker can craft a TFLite model that would cause an integer overflow in...
PT-2022-16072 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: An attacker can craft a TFLite model that would trigger a division by zero in the BiasAndClamp implementation. There is no check tha...
PT-2022-16096 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The Grappler optimizer in TensorFlow can be used to cause a denial of service by...
PT-2022-16077 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions prior to 2.7.1 TensorFlow versions prior to 2.6.3 TensorFlow versions prior to 2.5.3 Description: An attacker can craft a TFLite model to cause a write outside the bounds of an array in...
PT-2022-16097 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: During shape inference, TensorFlow can allocate a large vector based on a value...
PT-2022-16076 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions 2.5.3 through 2.7.1 TensorFlow version 2.8.0 is not affected, as it includes the fix. Description: An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits...
PT-2022-16080 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.3 TensorFlow versions prior to 2.6.3 TensorFlow versions prior to 2.7.1 TensorFlow versions prior to 2.8.0 Description: When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter...
PT-2022-16104 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The Grappler component of TensorFlow is vulnerable to an integer overflow during...
PT-2022-16102 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow version 2.7.1 TensorFlow version 2.6.3 TensorFlow version 2.5.3 Description: When decoding PNG images, TensorFlow can produce a memory leak if the image is invalid. After calling...
PT-2022-16078 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The implementation of Range suffers from integer overflows, which can trigger...
PT-2022-16074 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.0 through 2.7.0 TensorFlow versions 2.6.0 through 2.6.2 TensorFlow versions 2.5.0 through 2.5.2 Description: An attacker can craft a TFLite model that would cause an integer overflow ...
PT-2022-16081 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: An attacker can trigger denial of service via assertion failure by altering a SavedModel on disk such that AttrDefs of some operatio...
PT-2022-16106 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The Grappler component of TensorFlow can trigger a null pointer dereference unde...