14326 matches found
PT-2022-16103 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: A malicious user can cause a denial of service by altering a SavedModel such tha...
PT-2022-16100 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This...
PT-2022-16087 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.0 through 2.7.1 TensorFlow versions 2.6.0 through 2.6.3 Description: When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable argumen...
PT-2022-16109 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow version 2.8.0 Description: The type inference in TensorFlow can cause a heap out of bounds read due to inadequate bounds checking, which is done in a DCHECK that is a no-op during production. An attacker can manipulate the input id...
Google Tensorflow 输入验证错误漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google Tensorflow is vulnerable to an input validation error that could be exploited by an attacker to build a TFLite model that leads to an integer overflow in the embedding lookup operation...
Google Tensorflow 安全漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc...
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a buffer overflow vulnerability that can be exploited by an attacker to change the format of the SavedModel on disk to invalidate these assumptions, and then...
PT-2022-16094 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected Description: The implementation of GetInitOp is vulnerable to a crash caused by dereferencing a null pointer. This issue can be exploited by a...
PT-2022-16090 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.0 through 2.7.0 will be fixed in 2.7.1 TensorFlow versions 2.6.0 through 2.6.2 will be fixed in 2.6.3 TensorFlow versions 2.5.0 through 2.5.2 will be fixed in 2.5.3 Description: The...
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is a set of end-to-end open source platform for machine learning from Google Google Inc. Google TensorFlow has a buffer overflow vulnerability, which stems from the fact that TensorFlow is vulnerable to heap OOB write attacks in er. No detailed vulnerability details are currentl...
PT-2022-16108 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The GraphDef format in TensorFlow does not allow self recursive functions...
PT-2022-16112 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The issue occurs when building an XLA compilation cache with default settings,...
Google Tensorflow 安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a security vulnerability that can be exploited by an attacker to cause a denial of service by changing the SavedModel so that it can be asserted in a function...
PT-2022-16107 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions 2.7.0 through 2.7.0 and versions prior to 2.8.0 Description: A GraphDef from a TensorFlow SavedModel can be maliciously altered to cause a TensorFlow process to crash due to encountering a StatusOr value that is an error a...
PT-2022-16099 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: A malicious user can cause a denial of service by altering a SavedModel such tha...
PT-2022-16104 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier Description: The Grappler component of TensorFlow is vulnerable to an integer overflow during...
CVE-2022-21740
Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseCountSparseOutput is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also...
CVE-2022-21741
Tensorflow is an Open Source Machine Learning Framework. Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +170 more potentially affected by CVE-2022-21740 via tensorflow-gpu (>=1.10.1 <=2.5.1)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-21740 Source advisory: OSV:PYSEC-2022-119...
animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-21740 via tensorflow-gpu (>=2.6.0 <=2.6.2)
tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-21740 Source advisory: OSV:PYSEC-2022-119...